0

I want to force routing through the HTTPS. I have a web application in the Azure cloud platform with the following web.config file in the /public folder:

<configuration>
  <system.webServer>
    <rewrite>
      <rules>
        <rule name="Imported Rule 1" stopProcessing="true">
          <match url="^(.*)/$" ignoreCase="false" />
          <conditions>
            <add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
          </conditions>
          <action type="Redirect" redirectType="Permanent" url="/{R:1}" />
        </rule>
        <rule name="Imported Rule 2" stopProcessing="true">
          <match url="^" ignoreCase="false" />
          <conditions>
            <add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
            <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
          </conditions>
          <action type="Rewrite" url="index.php" />
        </rule>
      </rules>
    </rewrite>
  </system.webServer>
</configuration>

In order to force the routing, Azure says to add this: 

<system.webServer>
   <rewrite>
      <rules>
         <rule name=”Redirect to https”>
            <match url=”(.*)”/>
            <conditions>
                <add input=”{HTTPS}” pattern=”Off”/>
                <add input=”{REQUEST_METHOD}” pattern=”^get$|^head$” />
            </conditions>
            <action type=”Redirect” url=”https://{HTTP_HOST}/{R:1}”/>
         </rule>
      </rules>
    </rewrite>
</system.webServer>

Do you have any idea on how can I change my original web.config file so that it fits and forces HTTPS?

SOLVED

I just had to add the rule. The modified web config is:

<configuration>
  <system.webServer>
    <rewrite>
      <rules>
        <rule name="Imported Rule 1" stopProcessing="true">
          <match url="^(.*)/$" ignoreCase="false" />
          <conditions>
            <add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
          </conditions>
          <action type="Redirect" redirectType="Permanent" url="/{R:1}" />
        </rule>
        <rule name="Imported Rule 2" stopProcessing="true">
          <match url="^" ignoreCase="false" />
          <conditions>
            <add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
            <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
          </conditions>
          <action type="Rewrite" url="index.php" />
          <rule name=”Redirect to https”>
            <match url=”(.*)”/>
            <conditions>
                <add input=”{HTTPS}” pattern=”Off”/>
                <add input=”{REQUEST_METHOD}” pattern=”^get$|^head$” />
            </conditions>
            <action type=”Redirect” url=”https://{HTTP_HOST}/{R:1}”/>
         </rule>
        </rule>
      </rules>
    </rewrite>
  </system.webServer>
</configuration>
Improve this question

2 Answers 2

Reset to default
1

I believe you can tackle this problem from the Laravel side.

Consider the following route:

Route::get('signin', ['uses' => 'AuthController@signin', 'https']);

This route will only be served as https. I had to deal with this situation some time ago.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

If your laravel application's directory architecture is like:

wwwroot/
    app/
    public/
    ...
    .env
    ...

You can directly create a file web.config with the content in the root directory in your application:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.webServer>
   <rewrite>
      <rules>
         <rule name="Redirect to https">
            <match url="(.*)"/>
            <conditions>
                <add input="{HTTPS}" pattern="Off"/>
                <add input="{REQUEST_METHOD}" pattern="^get$|^head$" />
            </conditions>
            <action type="Redirect" url="https://{HTTP_HOST}/public/{R:1}"/>
         </rule>
      </rules>
    </rewrite>
</system.webServer>
</configuration>

Which will redirect all the HTTP requests to HTTPS, and redirect to the into the public folder.

Any further concern, please feel free to let me know.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.