IIS7 Url Rewrite Rules

214 views
Skip to first unread message

Jeff Chastain

unread,
Feb 17, 2010, 6:11:56 PM2/17/10
to ColdBlox Group

Guys,

 

I have a Windows 2008 server running IIS7, the Microsoft URL Rewrite tool, and a Tomcat/Railo deployment.  IIS and Tomcat are hooked up and working just fine such that standard links like http://www.domain.com/index.cfm?test work just fine.

 

My goal is to have the above url work as http://www.domain.com/test/ where the request would be re-routed to the index.cfm passing the /test part as a query argument.

 

I added the IIS rewrite rules as described in this blog posting … http://blog.coldbox.org/post.cfm/coldbox-and-url-rewrites-with-iis-7.  When I do so, both the url http://www.domain.com/index.cfm/test/ and http://www.domain.com/test/ resolve to the index.cfm file.  However, the ‘test’ part is gone.

 

I have played with the rules and gone through the Microsoft documentation for the rewrite tool with no luck.  Has anybody tried these rules or run into anything like this before?

 

Thanks

-- Jeff

 

Bill Tindal

unread,
Feb 17, 2010, 6:52:22 PM2/17/10
to col...@googlegroups.com
Hi Jeff,

I think what you need to do is setup a route as such:

addRoute(pattern="test",handler="main",action="index",matchvariables="test=");


cheers,

Bill


--
You received this message because you are subscribed to the Google Groups "ColdBox: A ColdFusion Framework" group.
To post to this group, send email to col...@googlegroups.com
To unsubscribe from this group, send email to coldbox-u...@googlegroups.com
For more options, visit this group at http://groups-beta.google.com/group/coldbox
For more information, visit http://www.luismajano.com/projects/coldbox
For Documentation, visit http://ortus.svnrepository.com/coldbox/trac.cgi

Luis Majano

unread,
Feb 17, 2010, 7:57:37 PM2/17/10
to col...@googlegroups.com
These are the rules that I have tried before for the IIS rewrite tool:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <defaultDocument>
            <files>
                <clear />
                <add value="index.cfm" />
                <add value="Default.htm" />
                <add value="Default.asp" />
                <add value="index.htm" />
                <add value="index.html" />
                <add value="iisstart.htm" />
                <add value="default.aspx" />
            </files>
        </defaultDocument>
        <rewrite>
            <rules>
                <rule name="SQL Injection - EXEC" stopProcessing="true">
                    <match url="^.*EXEC\(@.*$" />
                    <action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
                </rule>
                <rule name="SQL Injection - CAST" stopProcessing="true">
                    <match url="^.*CAST\(.*$" />
                    <action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
                </rule>
                <rule name="SQL Injection - DECLARE" stopProcessing="true">
                    <match url="^.*DECLARE.*$" />
                    <action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
                </rule>
                <rule name="SQL Injection - DECLARE%20" stopProcessing="true">
                    <match url="^.*DECLARE%20.*$" />
                    <action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
                </rule>
                <rule name="SQL Injection - NVARCHAR" stopProcessing="true">
                    <match url="^.*NVARCHAR.*$" />
                    <action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
                </rule>
                <rule name="SQL Injection - sp_password" stopProcessing="true">
                    <match url="^.*sp_password.*$" />
                    <action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
                </rule>
                <rule name="SQL Injection - xp" stopProcessing="true">
                    <match url="^.*%20xp_.*$" />
                    <action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
                </rule>
<rule name="Application Adminsitration" stopProcessing="true">
                    <match url="^(.*)$" />
                    <conditions logicalGrouping="MatchAll">
                        <add input="{SCRIPT_NAME}" pattern="^/(.*(CFIDE|cfide|CFFormGateway|jrunscripts|railo-context|fckeditor)).*$" ignoreCase="false" />
                    </conditions>
                    <action type="None" />
                </rule>
                <rule name="Flash and Flex Communication" stopProcessing="true">
                    <match url="^(.*)$" ignoreCase="false" />
                    <conditions logicalGrouping="MatchAll">
                        <add input="{SCRIPT_NAME}" pattern="^/(.*(flashservices|flex2gateway|flex-remoting)).*$" ignoreCase="false" />
                    </conditions>
                    <action type="Rewrite" url="index.cfm/{PATH_INFO}" appendQueryString="true" />
                </rule>
                <rule name="Static Files" stopProcessing="true">
                    <match url="^(.*)$" />
                    <conditions logicalGrouping="MatchAll">
                        <add input="{SCRIPT_NAME}" pattern="\.(bmp|gif|jpe?g|png|css|js|txt|pdf|doc|xls|xml)$" ignoreCase="false" />
                    </conditions>
                    <action type="None" />
                </rule>
                <rule name="Insert index.cfm" stopProcessing="true">
                    <match url="^(.*)$" ignoreCase="false" />
                    <conditions logicalGrouping="MatchAll">
                        <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
                        <add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
                    </conditions>
                    <action type="Rewrite" url="index.cfm/{PATH_INFO}" appendQueryString="true" />
                </rule>
            </rules>
        </rewrite>
    </system.webServer>
</configuration>


Luis F. Majano
President
Ortus Solutions, Corp

ColdBox Platform: http://www.coldbox.org
Linked In: http://www.linkedin.com/pub/3/731/483
Blog: http://www.luismajano.com
IECFUG Manager: http://www.iecfug.com

Jeff Chastain

unread,
Feb 17, 2010, 8:09:17 PM2/17/10
to col...@googlegroups.com

Thanks Luis.  I overwrote my web.config with the configuration you provided with the same result.  At this point I have not setup ColdBox on this site yet, just trying to get the url rewrite to work.

 

Given that, I was dumping out the url and CGI scopes to test to see if the rules were working and I am getting nothing in the URL scope and the CGI.PATH_INFO variable is also empty.

 

So, are the rules not working or am I missing something else here?

 

Thanks

-- Jeff

Luis Majano

unread,
Feb 17, 2010, 8:18:26 PM2/17/10
to col...@googlegroups.com
Hmm, interesting, I know jason durham set it up using those web.config rules.  I think the web.config can import .htaccess rules.  Have you tried to import the included .htaccess rules from the distro install folder?

Ohhh, also, make sure that the cf engine has enabled the path info in the servlet declaration. I know by default it comes unchecked in the web.xml.

Luis F. Majano
President
Ortus Solutions, Corp

ColdBox Platform: http://www.coldbox.org
Linked In: http://www.linkedin.com/pub/3/731/483
Blog: http://www.luismajano.com
IECFUG Manager: http://www.iecfug.com


Jeff Chastain

unread,
Feb 17, 2010, 9:59:35 PM2/17/10
to col...@googlegroups.com

Luis,

 

It looks like the problem is not the rules after all, but Railo.  I created a new site running CF9 using your rules and the path_info variable was set correctly.

 

I checked the servlet declaration you mentioned and that is setup right, so I will move this over to the Railo list.

 

Thanks for the help.

Luis Majano

unread,
Feb 17, 2010, 10:17:44 PM2/17/10
to col...@googlegroups.com
Anytime Jeff, 

Is this on tomcat? It might be that tomcat does not allow the *.cfm/* servlet mapping as it is not standard servlet container mapping. So I think you will have to do something else on the rewrite, I am guessing.

Luis F. Majano
President
Ortus Solutions, Corp

ColdBox Platform: http://www.coldbox.org
Linked In: http://www.linkedin.com/pub/3/731/483
Blog: http://www.luismajano.com
IECFUG Manager: http://www.iecfug.com


Reply all
Reply to author
Forward
0 new messages