0

I have the following rule in the web.config of my Asp.net MVC website.

When I enable this rule it cause 301 Error loop!

<rule name="Redirect to https" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
    <match url="*" negate="false" />
    <conditions logicalGrouping="MatchAny">
            <add input="{HTTPS}" pattern="OFF" />
    </conditions>
    <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" />
 </rule>

Test the website url without https with CURL:

enter image description here

Notes

  • I get same loop of 302 errors even I try the URL with https when the rule is enabled.
  • I use Cloudflare SSL on my website

What do you think about this issue? Where is the problem?

Ramin Bateni
  • 16,499
  • 9
  • 69
  • 98
  • https://stackoverflow.com/questions/4945883/how-to-redirect-http-to-https-in-mvc-application-iis7-5 – Robert Harvey Oct 29 '19 at 13:58
  • @RobertHarvey, I get same error if I try the _URL with Https_ and _Enabled rule_ but there is no error when I try the _URL with Https_ and _disabled rewrite rule_! – Ramin Bateni Oct 29 '19 at 14:03
  • https://learn.microsoft.com/en-us/iis/extensions/url-rewrite-module/using-failed-request-tracing-to-trace-rewrite-rules See into the actual request/response and then the cause should be clear. – Lex Li Oct 29 '19 at 15:18

2 Answers2

0

the cause of the issue is The Flexible SSL encryption mode in the Cloudflare SSL/TLS app Overview tab encrypts traffic between the browser and the Cloudflare network over HTTPS. However, when the Flexible SSL option is enabled, Cloudflare sends requests to your origin web server unencrypted over HTTP. Redirect loops occur if your origin web server is configured to redirect all HTTP requests to HTTPS when using the Flexible SSL option. Redirect loops may also occur when using the Full or Full(strict) SSL option. The only difference is that Cloudflare contacts your origin web server over HTTPS and the redirect loop occurs if your origin web server redirects HTTPS requests to HTTP.

To resolve redirect loops issue you could refer any option from below:

  1. Remove the HTTP to HTTPS redirects from your origin web server configuration.

  2. Update the Cloudflare SSL option in the SSL/TLS app Overview tab:

If currently set to Flexible, update to Full if you have an SSL certificate configured at your origin web server. (Not Recommended) If currently set to Full, update to Flexible.

Troubleshooting redirect loop errors

Jalpa Panchal
  • 8,251
  • 1
  • 11
  • 26
0

try this :

          public class SSLFilter : ActionFilterAttribute {

          public override void OnActionExecuting(ActionExecutingContext filterContext){
    if (!filterContext.HttpContext.Request.IsSecureConnection){
        var url = filterContext.HttpContext.Request.Url.ToString().Replace("http:", "https:");
        filterContext.Result = new RedirectResult(url);
    }
}

}

hassan kamarzadeh
  • 313
  • 3
  • 6