Fancy redirection on IIS 5

The task seemed easy enough:

set up a new web site sub.domain.com such that every URL http://sub.domain.com/some_path is automatically redirected to process.aspx/?path=some_path (on the same domain or on www.domain.com – both have .Net running)

Because we run our sites on Win2K/IIS the following options were immediately discarded:

A. Install & configure Apache

I like Apache, let there be no mistake about that, but it’s just too much hassle managing 2 different web servers on 1 machine. I like having one management interface. Mind you, it would have been so easy:
RedirectMatch /(.*) http://www.domain.com/process.aspx?path=$1

B. Develop a Python daemon

What’s wrong with being a geek 🙂 ? This is after all a simple single-purpose web site, you have an HTTP GET coming in and a 302 Redirect going out with super-basic parsing (check out the regular expression above). But again: having several web servers on 1 machine is asking for chaos. Plus, how robust is the Python SimpleHTTPServer? Has it been tested with attacks from Blaster/Mydoom and the likes?

Ok, this leaves us with the IIS server. So I create a new IIS site, that takes all the sub.domain.com requests (using a host-header). And now just add redirection, right? Let’s see …

C. /default.asp page

This might have worked if all the incoming URLs were like http://sub.domain.com/?some_path (see the question mark?). But that’s not the case.

BTW: Why .asp instead of .aspx? Because it’s basically a hack, and hacking is way easier in ASP (if you’re me).

D. Custom 404 script

Configure the IIS to redirect all not found pages (‘404’ errors) to a /404.asp script. The script basically has to do:
Response.Redirect "/process.aspx?path=" & Request.ServerVariables("URL")
Only that I get as URL “/404.asp” instead of the original URL. I can’t seem to get the some_path. So I try this for 10 minutes and then move on, basically because I ‘m thinking the last method will be the fastest. If I would have looked further, the QueryString contains “404;http://sub.domain.com/some_path“, and I could have parsed it out.

Additional remark here: if your home directory is empty, and you call http://sub.domain.com/ (home page), you get an error 403 Access Forbidden error, instead of 404 Page not found. So you would have to either remap that error 403 too, or create a /default.asp that catches this case.

E. Use IIS redirection

Sure, IIS supports automatic redirection out of the box! Regular expressions and everything! Let’s elaborate on this method.
IIS redirection

  • Trial E.1: Redirect all URLs to /process/?path=$V ($V would translate here in “/some_path”). Only, when you redirect everything to to a subfolder, this policy is inherited by this subfolder, and you also redirect calls to that subfolder. So you get a nice endless redirection loop that creates links like /process/?path=process/?path=process/?path=process/?path=…
  • Trial E.2: oh, but that is what the checkbox ‘A directory below this one’ is for. Only, it doesn’t work: I get 404 errors. I’m probably doing something wrong.
  • Trial E.3: oh, but you can use a more sophisticated redirection, and turn off redirection for subfolders with “!”. Ok, I try *;/process/*;!/*;/process/?path=$0. Nope. Try setting “!” as redirection for /process/ folder. Syntax error. Try “*;*;!” as redirection for /process folder. Nope, I get get redirection to a non-existent page “!”. Ok, drop this one.
  • Trial E.4: wait, what if I don’t redirect to a script one folder lower, but just to /process.aspx?path=$V? Ta-daaa! Here’s the endless loop again!
  • Final try E.5: This is what worked at last: install the process.aspx on the destination server and redirect to it (in other words, exactly what I would have done if I had used Apache)
    *;/*;http://www.domain.com/process.aspx?path=$0

Trivial, right? Did I ‘solve’ the redirection spaghetti in IIS? Not really. Did I get a final result that worked? Yep. Who’s the man?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.