RewriteProxy with .htaccess in IIS

Rewrite and proxy HTTP requests in IIS. In my case scenario, I had to proxy requests on IIS, because a website was moved from web server A to B, and the DNS wasn’t updated yet. All HTTP requests for the moved website are handled in IIS’ Default Web Site; that’s the wildcard host, and the original host no longer existed there. We needed to match our website and proxy those requests to the new IIS web server. This can either be done using a proxy with URL Rewrite, IIS Application Request Routing (ARR), or a .htaccess file handled by Helicon Ape.

Web.config prerequisites for .htaccess proxy #

The .htaccess RewriteProxy directive gives us the opportunity to rewrite requests from domain/web server A to web server B. Of course, the host must be known on web server B, since we preserve the hostname.

Given the scenario, we chose to RewriteProxy all requests using a .htaccess file.

Depending on how you installed Helicon Ape, you may -or may not- have to create a specific .apehandler. If you didn’t installed Helicon Ape automatically using an .msi file, but manually, you probably need this. Otherwite Ape can’t proxy requests through an .htaccess file.

web.config configuration #

As said, you need to configure the special .apehandler in IIS to start proxying requests. Add to your web.config file (if required):

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <handlers>
          <!-- The Helicon.Ape version number must match your installed
               Ape version or IIS will return an error! -->
          <add name="Helicon.Ape Handler"
            path="*.apehandler"
            verb="*"
            type="Helicon.Ape.Handler, Helicon.Ape, Version=3.1.0.138,
            Culture=neutral, PublicKeyToken=95bfbfd1a38437eb"
            resourceType="Unspecified"
            requireAccess="Script"
            preCondition="integratedMode" />
        </handlers>
    </system.webServer>
</configuration>

RewriteProxy .htaccess script #

Our .htaccess file we need (explanation is in the comments):

# Enable the rewrite engine
RewriteEngine On

# Proxy requests for example.net and www.example.net to
# a different web server hosting example.het, by its IP address and 
# preserving its Host: HTTP header. This is useful for when you just 
# moved a website and DNS hasn't been refreshed yet.
RewriteCond %{HTTP_HOST} ^www\.example.net$ [OR]
RewriteCond %{HTTP_HOST} ^example.net$
RewriteCond %{REQUEST_URI} (.+)

# %1 matches your first matched value, thus (.+) in this case, 
# or "www" when I use:
#    RewriteCond %{HTTP_HOST} ^(www\.)example.net$
# Adjust %1 to %2 or %3 where appropriate.
RewriteProxy .? http://203.0.113.15%1 [H,L]

Another great RewriteProxy option is:

# Enable the rewrite engine
RewriteEngine On

# Proxies requests to pull the content from site B for display on site A
# https://secure.example.com/images/
# For example proxies http://www.example.com/images/header_logo.png to 
# http://www.example.net/images/header_logo.png (note the different TLD)
# 
RewriteProxy ^(.*) https://secure.example.com/images/$1 [H,L]

The [H] flag insures the Host: HTTP header is preserved. This means the hostname, or website domain name, needs to exist on other web server (B). When you omit the [H] flag, the requested resource is pulled from the remote destination server and shown on the requested web site:

RewriteProxy ^images/(.*) https://secure.example.com/images/$1

Another example, pulled from an old post:

# Enable the RewriteEngine.
RewriteEngine On

# Rewrite hostheaders example.com and www.example.com through to 
# another web server using a RewriteProxy request.
#
# Change example.com with your domain name and 203.0.113.16 
# with the IP address of web server B.
#
RewriteCond %{HTTP:Host} ^(?:www.)?example.com$
RewriteCond %{REQUEST_URI} (.+)
RewriteProxy .? http://203.0.113.16%1 [H]

Conclusion #

These are all very basic forms of proxying on IIS, there is absolutely no need for extensive mod_proxy configurations. All we need is mod_rewrite‘s RewriteProxy.

This may interest you:   Deny vulnerable WordPress plugins using Windows Server File Server Resource Manager's File Screens

This allows you to create and maintain useful proxy mechanisms in IIS, where IIS Application Request Routing (ARR) isn’t always available. Helicon Ape’s mod_rewrite can be a powerful and useful proxy mechanism.


Show your support


If you want to step in to help me cover the costs for running this website, that would be awesome. Just use this link to donate a cup of coffee ($5 USD for example). And please share the love and help others make use of this website. Thank you very much!


About the Author Jan Reilink

My name is Jan. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing my daily thing at Vevida in the Netherlands. With over 15 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, websites & optimization.

follow me on:

Leave a Reply

Be the First to Comment!

avatar
  Subscribe  
Notify of