RewriteProxy with .htaccess in IIS

Rewrite and proxy HTTP requests in IIS. In my case scenario, I had to proxy requests on IIS, because a website was moved from web server A to B, and the DNS wasn’t updated yet. All HTTP requests for the moved website are handled in IIS’ Default Web Site; that’s the wildcard host, and the original host no longer existed there. We needed to match our website and proxy those requests to the new IIS web server. This can either be done using a proxy with URL Rewrite, IIS Application Request Routing (ARR), or a .htaccess file handled by Helicon Ape.

Web.config prerequisites for .htaccess proxy #

The .htaccess RewriteProxy directive gives us the opportunity to rewrite requests from domain/web server A to web server B. Of course, the host must be known on web server B, since we preserve the hostname.

Given the scenario, we chose to RewriteProxy all requests using a .htaccess file.

Depending on how you installed Helicon Ape, you may -or may not- have to create a specific .apehandler. If you didn’t installed Helicon Ape automatically using an .msi file, but manually, you probably need this. Otherwite Ape can’t proxy requests through an .htaccess file.

I thought you might find this interesting:   Ghost on IIS with HTTPS, how to resolve a "Too many redirects" error

web.config configuration #

As said, you need to configure the special .apehandler in IIS to start proxying requests. Add to your web.config file (if required):

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <handlers>
          <!-- The Helicon.Ape version number must match your installed
               Ape version or IIS will return an error! -->
          <add name="Helicon.Ape Handler"
            path="*.apehandler"
            verb="*"
            type="Helicon.Ape.Handler, Helicon.Ape, Version=3.1.0.138,
            Culture=neutral, PublicKeyToken=95bfbfd1a38437eb"
            resourceType="Unspecified"
            requireAccess="Script"
            preCondition="integratedMode" />
        </handlers>
    </system.webServer>
</configuration>

RewriteProxy .htaccess script #

Our .htaccess file we need (explanation is in the comments):

# Enable the rewrite engine
RewriteEngine On

# Proxy requests for example.net and www.example.net to
# a different web server hosting example.het, by its IP address and 
# preserving its Host: HTTP header. This is useful for when you just 
# moved a website and DNS hasn't been refreshed yet.
RewriteCond %{HTTP_HOST} ^www\.example.net$ [OR]
RewriteCond %{HTTP_HOST} ^example.net$
RewriteCond %{REQUEST_URI} (.+)

# %1 matches your first matched value, thus (.+) in this case, 
# or "www" when I use:
#    RewriteCond %{HTTP_HOST} ^(www\.)example.net$
# Adjust %1 to %2 or %3 where appropriate.
RewriteProxy .? http://203.0.113.15%1 [H,L]

Another great RewriteProxy option is:

# Enable the rewrite engine
RewriteEngine On

# Proxies requests to pull the content from site B for display on site A
# https://secure.example.com/images/
# For example proxies http://www.example.com/images/header_logo.png to 
# http://www.example.net/images/header_logo.png (note the different TLD)
# 
RewriteProxy ^(.*) https://secure.example.com/images/$1 [H,L]

The [H] flag insures the Host: HTTP header is preserved. This means the hostname, or website domain name, needs to exist on other web server (B). When you omit the [H] flag, the requested resource is pulled from the remote destination server and shown on the requested web site:

RewriteProxy ^images/(.*) https://secure.example.com/images/$1

Another example, pulled from an old post:

# Enable the RewriteEngine.
RewriteEngine On

# Rewrite hostheaders example.com and www.example.com through to 
# another web server using a RewriteProxy request.
#
# Change example.com with your domain name and 203.0.113.16 
# with the IP address of web server B.
#
RewriteCond %{HTTP:Host} ^(?:www.)?example.com$
RewriteCond %{REQUEST_URI} (.+)
RewriteProxy .? http://203.0.113.16%1 [H]

Conclusion #

These are all very basic forms of proxying on IIS, there is absolutely no need for extensive mod_proxy configurations. All we need is mod_rewrite‘s RewriteProxy.

I thought you might find this interesting:   How to enable HTTP Strict-Transport-Security (HSTS) on IIS

This allows you to create and maintain useful proxy mechanisms in IIS, where IIS Application Request Routing (ARR) isn’t always available. Helicon Ape’s mod_rewrite can be a powerful and useful proxy mechanism.


Please Support Saotn.org

Each post on Sysadmins of the North takes a significant amount of time to research, write, and edit. Therefore, your donation helps a lot! For example, a donation of $3 U.S. buys me a cup of coffee, and as you know: things jsut work better with coffee. A $10 U.S. donation buys me one month of web hosting (yes, hosting costs money). But seriously, thank you for any amount. Much appreciated!

Please donate to support this site if you found a post interesting or if it helped you solve a problem. Thanks! (Tip: no Paypal account required)

If you appreciated this post, then please donate using this Paypal button


Jan Reilink

My name is Jan. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing my daily thing at Vevida in the Netherlands. With over 15 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, websites & optimization.

Leave a Reply

Be the First to Comment!

Hi! Join the discussion, leave a reply!