Reverse Proxies
IIS and URLRewrite as Reverse Proxy
|
1. IntroductionIIS, with some help from other modules, can be also used as a Reverse Proxy. Reverse Proxies forward requests from clients to one or more servers. In this example we will configure IIS in one server to act as a reverse proxy forwarding all requests to a specific URL to another server. You will need to install URL Rewrite 2.0 or later and Application Request Routing 1.0 or later on IIS 7.0 or later. 2. Pre-requisites2.1. Internet Information Services (IIS) 7.0 2.2. URLRewrite 2.0 Module. This extension may be downloaded here: http://www.iis.net/downloads/microsoft/url-rewrite 2.3 Application Request Routing Module 1.0 or later. This extension may be downloade here: https://docs.microsoft.com/en-us/iis/extensions/planning-for-arr/using-the-application-request-routing-module Both modules can also be installed directly from IIS console, selecting Web Platform Installer:
3. Installing the pre-requisites on your Windows ServerFollow the link on item 2.2, download and execute the URL Rewrite 2.0 Module installer. The process is straighforward, via Web Platform Installer:
When the installation finishes, Web Platform Installer gives you a list of other products to install. Now select Application Request Routing Module proceed the same way.
4. Network topologyBasically we have 2 servers, both running IIS on port 80. The first server is our reverse proxy server. It will act on behalf of the second server, named web server below. The web server runs 2 different IntraWeb applications: One ISAPI on IIS (port 80) and another StandAlone (installed as a Windows Service) using port 8888. Requests come from the Internet to the first server, the only with an external IP address which is exposed to the Internet. It will forward all requests to the second server - the web server, rewriting all URL on the fly.
5. Enabling request routingSelect the server node on the left panel and the open Application Request Routing module
Now select Server Proxy Settings on the left hand side
Finally, enale routing on the first check box:
6. Creating an URL Rewrite RuleWriting rewrite rules for URL Rewrite module is not simple as it could be and it's a broad and complex subject. You can find detailed information about URL Rewrite rules here: http://www.iis.net/learn/extensions/url-rewrite-module/creating-rewrite-rules-for-the-url-rewrite-module You can write your rules using IIS console, or editing your web.config file directly. Most of the times it's easier to edit the web.config file directly: <?xml version="1.0" encoding="UTF-8"?> <configuration> <system.webServer> <handlers accessPolicy="Read, Execute, Script" /> <rewrite> <rules> <rule name="Rewrite rule for ISAPI Intraweb application" stopProcessing="true"> <match url="^MyApp/(.*)" /> <action type="Rewrite" url="http://192.168.2.182/ISAPI_32/FeaturesISAPI.dll/{R:1}" logRewrittenUrl="true" /> </rule> <rule name="Rewrite rule1 for SA Intraweb application" stopProcessing="true"> <match url="^Proxy/(.*)" /> <action type="Rewrite" url="http://192.168.2.182:8888/{R:1}" logRewrittenUrl="true" /> </rule> </rules> </rewrite> </system.webServer> </configuration> Above we have declared two different rules for two different IntraWeb applications: The first is a ISAPI, running in IIS on default port 80. The second is a StandAlone application running on port 8888. Both are installed in a second machine, which IP address is 192.168.2.182 (internal network address). The file containing the rules should be saved into IIS root folder (in general in C:\Inetput\wwwroot\ ). If the file already exist, add the whole <rewrite> tag above to it, as is, replacing the actuall address of your own applications accordingly. All the rewrite rule logic is contained within the <rule> tag. Example, the rule named "Rewrite rule1 for SA Intraweb demo" is basically telling IIS to:
URLRewrite module is just a live string search & replace mechanism, attached to IIS, where you can configure your own rules. Once the web.config file is saved, you can see and edit the rule directly in IIS console (double-click URL Rewrite icon in the right panel, after selecting the Default Web Server node):
Double-click the rule line and you can edit it:
7. Application SetupIt is not always possible for your IntraWeb application to detect that it is being run behind a reverse proxy, through URL Rewrite. You need to configure it explicitly. This is done setting ServerController's RewriteURL property. The best place to do it is from ServerController.OnConfig() event,. You can optionally use OnURLRewrite event if the proxy rewrite URL is dynamic. However, in most cases it is not. So, in case of our sample SA application we have:
Similarly, in case of our ISAPI application we have:
The RewriteURL property must match the <match url="^Proxy/(.*)" /> part of the URL Rewrite rule defined in web.config file. Now you must rebuild and deploy your applications. Eventually you can also load this property value (the RewriteURL string) from a config or .ini file, at runtime. 8. Testing your applicationAfter your setup is ready, you can now test both applications. SA application URL becomes: http://192.168.2.100/Proxy/ URL Rewrite module will change this to http://192.168.2.182:8888/, the Application Request Routing module will forward it to the appropriate address and the application works as expected, transparently. Similarly, the ISAPI application can be acessed through address: http://192.168.2.100/MyApp/ Note that I could use localhost - if testing from the server itself - or the external proxy server address - if testing from another client - as the adress of the reverse proxy server. Also note that in the case of ISAPI, the name of the ISAPI dll is not part of the URL anymore:
9. See also |
