Redirection of urls, it’s a very common action, it’s important to maintain your SEO-value when URL’s move around and to provide friendly, short URLs. The only thing that you have to do is to create a permanent or temporary redirect, right? There are some solutions which add redirect functionality to Sitecore, for example the great Url Rewrite module by Andy Cohen, which is based on the IIS Url Rewrite 2.0 module by Microsoft. But there are several scenario’s when you can solve several redirects in other parts of the infrastructure, or with other products. This may, for example, be the case in in larger companies, hosting multiple Sitecore instances with multiple sites, where configuring certain types of redirects in different parts of the infrastructure can prevent a lot of other configuration in those same layers, reduce complexity or prevent issues on the permissions to configure redirects.
This blogpost explains why we chose to handle redirects in different parts of our infrastructure, from a technical and a functional perspective.
A small look at the infrastructure and the way it gets managed
If we look into a typical infrastructure to serve websites, this could be visualized as follows. For every website that needs to be accessed via the internet, configuration is needed (not on every layer of the infrastructure, but on several layers). In small organizations, some layers are not present, this may be done by a single team, or even a single person, but in larger organizations, those tasks are usually split amongst several teams, with different workloads, procedures, schedules and priorities. Those tasks vary from configuring DNS, Virtual IP’s, create/order new certificates for connections over SSL, to block incoming requests to specific paths/locations. All these layers are in place to keep the entire infrastructure as safe as possible. Imagine what happens when you are hosting not a single site, but tens, or even hundreds of sites. When those sites should all be accessible over http/https and the sites should be available via a www- and non-www entry, the workload of all the teams grows and with a lot of sites, the traffic will grow as well. Think about what happens to the infrastructure when every request would reach the webservers: every layer would get a lot of traffic. Those are just a few reasons which can contribute to the choice of aborting/redirecting requests as early as possible in the chain.
Note: an example of a path that should be blocked over the internet (thus, the Content Delivery servers), are the /Sitecore/ and /App_config paths. They should be blocked for anonymous users on IIS as well, but defense in depth (multiple layers of security) is always a good practice.
Redirect requirements
When only taking into account the technical aspects of a solution, all the redirects would be handled by the Reverse proxy. This wouldn’t be a suitable solution for the content editors, as they have the need to create new redirects on the fly. In our situation they don’t have access to the reverse proxy, so the only possibility that they would have, was to provide a task to the team which administrates the reverse proxy, with a request to configure those redirects. That would create serious delay in providing new redirects. Imagine what would happen when they make some errors. That would take ages ;).
That’s why we split the redirects into 4 categories:
Redirect all http requests to https
Serving sites over http is not safe for the end user. Google is even using https as a ranking signal; thus boosting sites that use https. This kind of redirect should be handled as early as possible in the infrastructure and it’s a one-time configuration which has become part part of our standard operation procedures when configuring new sites. This configuration takes place on the reverse proxy.
Redirecting early in the chain, prevents a lot of configuration that was needed on other layers otherwise. Think about configuring firewalls, load balancers and webservers, they all should support the http and https traffic, the www- and non-www url’s. At Sitecore level, extra configuration should be needed to serve both sites and it would introduce complex scenario’s when posting data over the internet. When do you choose to use http, when to use https. What would it mean for developers? What kind of security flaws would you introduce?
Note: in the end you want to get rid of non-encrypted traffic. By implementing Http Strict Transport Security, it’s possible to protect against downgrade attacks and it’s easier to protect against cookie hijacking. Read this excellent article by Troy hunt on this technique.
Redirect www to non-www, or vice-versa
All of our sites should be accessible via www- or via the non-www variant, this is a single configuration that should happen once during a lifecycle for a domain. Customers tend to access sites as “domain.com” in the browser, which lacks the “https” protocol and the “www” subdomain. As for the http/https redirect, the same reasons apply: it prevents a lot of configuration. An extra benefit is that it’s easier to configure and maintain canonical urls for your content if you just have one endpoint for one site on the IIS-servers, which is very important for the SEO-value of your site.
Note: the http/https and www/non-www redirects could be included in one redirection rule: this might prevent one additional redirect in the process of redirecting.
Complex redirects
A complex redirect is a redirect which uses regular expressions or other conditions; those kind of redirects are not configured often, but often happen during migrations, after rebuilding, or after restructuring a site. As those regular expressions should be tested thoroughly (preferably over the DTAP), as they can break the sites, we prefer that content managers are not able to configure them.
An example of redirecting urls using regular expressions is the following. An old asp.net site was presenting articles using the following url: http://www.domain.com/article.aspx?id=2&title=some-cool-title. When migrating to Sitecore, a more friendly url would be: https://www.domain.com/article/2/some-cool-title. This can be achieved by using regular expressions. These are the places where these regular expressions can be configured:
- Solve the complex redirects in the Reverse proxy
- Solve the complex redirects in Sitecore
- Solve the complex redirects in IIS using the URL Rewrite 2.0 module
Solve complex redirects in the reverse proxy
When it would be possible to configure those redirects by the build-team, this would be a superb solution, but often, this is not possible. This means:
- larger throughput time,
- changes for DTAP would take a lot of time
- very application specific changes
- Often the reverse proxies are not configured in such a way, that they can redirect the paths
This is, on our case, not really a viable option.
Solve the complex redirects in Sitecore
Solving complex redirects in Sitecore could be an option. It causes pretty much and complex, tailor-made code, while the same solution could be implemented using out of the box IIS functionality. The URL Rewrite module by Andy could help here, it offers some of the functionality as the IIS URL Rewrite 2.0 Module, but it has, for us, some drawbacks:
- It’s custom code. IIS and the reverse proxy offer functionality that is, we assume, thoroughly tested. Is it optimized for performance?
- Although the code has a high quality level, it causes a dependency on an open source project that is not very actively maintained. (if we decide that we are going to use it, we will actively contribute to the project)
- It doesn’t provide testing of patterns, which the IIS URL Rewrite 2.0 module does offer. (however it does have a neat page to test url’s, to see what rules are being hit).
- More complexity on denying access to content editors for certain redirect rules.
Although this option could work in other scenario’s, for other customers, we didn’t choose for it (yet).
Solve the complex redirects in IIS using the URL Rewrite 2.0 module
This module is an officially supported module and created by Microsoft. It even fits in a cloud scenario, as the azure web applications can make use of this module as well. However, not all the capabilities of this module are supported: It’s possible to write a custom provider for this module. This means that this module can be pointed to other sources, for example databases, files or even Sitecore, to get it’s configuration. Those providers need to be deployed to the Global Assembly Cache, which isn’t possible on Azure.
An advantage of the redirect module is that it has an complete interface with a lot of options. Complex (very complex) rules can be configured and it’s possible to include conditions, for example to match the HTTP_HOST server to the hostname of the site. Another advcantage of the URL Rewrite 2.0 module is that it will kick in before the Sitecore pipeline, so no additional processing power is needed and no additional database queries are made when a request meets the rule conditions.
The output of testing the pattern results in the following screen:
These results can be used to concatenate the new url (article/{R:1}/{R:2}
Adding configuration changes can be done easily by editing the web.config. In a later blogpost, I will explain on how to do this easily using web.config transormations during deployments; no manual changes will be necessary, they look as follows and can easily be templated:
This means that, the condition match for the hostname, the regular expression and the action type easily can be injected using MRM tokenization or the facilities in octopus-deploy, thus, deployment-time. This will help in the continuous delivery or even continuous deployment process when having one of those mechanisms in place.
As administrators have access to those environments and changes can be automated using the web.config transformations, this seems to be a very viable solution: preventing content editors to make complex changes, while having the needed velocity to make changes.
Simple redirects
The last category is “simple redirects”. An example is redirecting https://www.domain.com/actionable-url to https://www.domain.com/path/to/page, thus an incoming path to any other URL, internal or external. The content editor must be able to set the friendly url to redirect it to an existing page. Sitecore offers the “alias” feature, but this feature doesn’t cut it: it doesn’t redirect but rewrite and it’s only viable when working with single sites and it doesn’t work with external url’s. Aliases with the same name for different sites cannot be configured. This is the part where some tailor-made code will do it’s job. There are two options in this one:
- Writing an IIS URL Rewrite 2.0 provider which interacts with Sitecore
- Write a custom pipeline for Sitecore
Writing an IIS URL Rewrite 2.0 provider which interacts with Sitecore
As stated before, this provider does not work in Azure, as it has to be deployed in the Global Assembly Cache. A great advantage could be that Sitecore can act as a provider. Content editors would be able to configure simple redirects, which are handled by the provider. My gut feeling is that Microsoft doesn’t actively put any effort in this provider-pattern anymore, as it’s hard to find the SDK’s for these providers.
Writing a custom pipeline for Sitecore
This solution can be very viable. Content editors would only have to configure the from-path and the to-url, (exactly the same as in the IIS URL Rewrite 2.0 provider), but the redirects would be handled by a custom pipeline extension. A simple caching mechanism could be used here, to improve performance.
This module should handle the real Sitecore scenario’s: multi-language, configurable for multi-site solutions, easy access for editors, and reporting on redirects using the analytics database.
When a plan comes together
When those 4 kind of redirects are being combined, the following scenario’s are handled as followed:
http://domain.com/action-path -> https://www.domain.com/the/real/path/for/sitecore
- Reverse proxy redirects http://domain.com/action-path to https://www.domain.com/action-path using a 301-redirect
- IIS Url Rewrite – no regular expression has been configured, so this url doesn’t match, no redirect takes place
- The path /action-path is being redirected to /the/real/path/for/sitecore , so https://www.domain.com/action-path is being redirected to https://www.domain.com/the/real/path/for/sitecore using a 301 redirect.
http://domain.com/article.aspx?id=2&title=some-cool-title -> https://www.domain.com/articles/2/some-cool-title
- Reverse proxy redirects http://domain.com/article.aspx?id=2&title=some-cool-title to https://www.domain.com/article.aspx?id=2&title=some-cool-title using a 301-redirect
- The IIS URL-rewrite module kicks in: the article.aspx?id=2&title=some-cool-title matches the regular expression “^article.aspx\?id=([0-9]+)&title=([_0-9a-z-]+)” and 301-redirects this page to /article/2/some-cool-title
- This page is available in Sitecore and is being served. This page could have been redirected on it’s turn by a content editor to another location.
As seen in the two scenario’s above, most of the time, the amount of redirects is limited to two. Theoretically, there could be a 3rd redirect, but this shouldn’t happen too often. Another advantage of this mechanism, is that paths, which were coming from the different https/http and www/non-www configurations, can be handled in a single configuration item, instead of 4 different mappings.
Using these 4 kind of redirects, all page requests that will reach the IIS-webservers, are having the https://www.domain.com structure, which greatly reduces complexity. All redirects that are more application specific, can be handled by IIS. Complex and simple redirect only have to be configured for a single URL, instead of 4:
As seen in the picture above, a single domain on https has to be configured throughout the food-chain, while the application specific redirects can be handled by IIS
Conclusion
When taking another approach on redirects, and by configuring redirects on other parts in the infrastructure, this can greatly reduce complexity, traffic throughput and it might increase security. This can reduce the need for custom code in your Sitecore modules and greatly reduce the complexity of this code. Sitecore is not the centre of the Universe. (well, not always ;))
I am no longer certain where you’re getting your information, but great topic.
I must spend a while studying much more or working out more.
Thank you for fantastic info I was searching for this information for my mission.
Excellent blog post. I definitely appreciate this site.
Keep writing!
You actually make it appear so easy together with your presentation but I in finding this
matter to be actually something that I think I’d by
no means understand. It seems too complicated and extremely wide for me.
I’m having a look forward for your subsequent post, I will attempt to
get the cling of it!
Great post.
I am genuinely thankful to the owner of this site who has shared this fantastic paragraph at at this place.
Excellent post! We are linking to this particularly great post on our site.
Keep up the great writing.
Thanks a bunch for sharing this with all folks you really recognise what you are talking approximately!
Bookmarked. Kindly also visit my website =).
We may have a link trade arrangement between us
This is a selfsame interesting post . But I like more the contrive that you arrange at your website. Amass it up.
What do you think nearby my website ? buy 1 million youtube views cheap
Can you tell us more about this? I’d like to find out more details.
Pingback: Sitecore redirect strategy | Sitecore basics!
naturally like your web site however you have to
check the spelling on quite a few of your posts. Several of them are
rife with spelling issues and I to find it very troublesome to
tell the reality however I’ll certainly come again again.
Alternate Link l69
L69 is one of the official sites that provide the newest
alternative link reliable online betting sites. L69 provides more than 1
alternative link from each and every betting site, and we here have become
probably the most comprehensive alternative link companies
and the L69 web site has a responsive display that will
makes it easy that you can access our site
through the display of your own device or laptop.
And what you have to know is that we here just have one official link, l69.
me and if there are other websites that provide information or call the website is not our official site.
Ball gambling and casino gambling are types of games that are very popular with
the folks regarding Indonesia. Why l69? Because we have
been here for a lot more than five years and possess become the trust of the individuals of Indonesia as
a location to play soccer gambling and in addition online casino gambling.
Itself in addition has obtained a license coming from the Asian and European governments last year to come to be
an online gambling gambling provider site in Asia and
Europe. By providing lots of different types of betting bets
that may be played about one ID, it makes the members feel happy actively playing in your bookie.
Great things about Alternative Links l69
Yet regrettably lately there are many members who
experience problems and problems whenever entering into their Sgd777 game for
the reason that Sbobet web site is often blocked and many aged sites
have been blocked by the Indonesian federal government and never a few usually are also influenced in what is
called the Newsletter Task. The Indonesian government
lately is struggling to eliminate links or paths to
get into sites that smell of pornography, gambling and presently there are a great many other content of which is deemed inappropriate.
Not many online gambling sites in Indonesia have certified matter status
and have licenses issued by relevant authorities. In addition, the
level of consumer give support to for online gambling sites can yet be entirely low because of the 100 easily
reached online gambling sites, by yourself virtually 10-15 sites are practiced to meet the expense of professional
service and meet standards.
Therefore, you cannot arbitrarily choose an online gambling site to be
a playing partner. There are many criteria and factors that must be considered to
create an online gambling site a place to shelter and save game deposits.
However, it will bow to mature and effort to find a trusted site following this.
Hence, in this article we would following to manage to pay for important recommendations roughly trusted and credited online
gambling sites in Indonesia. By becoming a zealot of this
gambling site, it is certain that you will be clear
from doubt and one step closer to success. Online gambling is no longer just a game but a
business that can tolerate you to a brighter future.
Like any supplementary situation in the world, every step
you allow will have every second risks and benefits.
No human living thing can always make a gain in all business, and no one can always avoid
losing. every that can be finished is to minimize losses and enlargement
profits until finally the profits create losses not felt.
Many of the sites that provides the particular best gambling online sport
services in Dalam negri is Promosbobet. Online bookie sites that will provides direct access from home via typically the internet network
in addition to will be a good alternative to enhance bettors’ income without having
to shell out a lot associated with capital.
Imagine, along with only relatively inexpensive capital, members
may play one of the most fascinating betting games that will members want such as soccer gambling,
online casino, or even real money online slot
machines, and of course get the particular financial benefits that will members need.
Everything a member can perform just by becoming an official
member regarding the best and most trusted online bookmaker site Promosbobet.
The greatest Online Gambling Promotion
Bettors can obtain various types associated with benefits by turning into a
member regarding the Promosbobet gambling site. This internet site always provides remarkable promotions for brand
spanking new clients and loyal consumers who have picked Promosbobet
as the betting partner with regard to years.
Deposit Reward – the first bonus that a new member could
get simply by becoming a member of Promosbobet will be when the member makes a down payment using a minimum associated with IDR 100,
500 only! Bettors may get bonuses of up to almost 2 mil rupiah.
Winning Bonus – just by playing online football gambling that an individual want or experiencing the fun and challenges of capturing fish games, an individual have a opportunity to win a winning bonus
of up to 50%.
Cashback as well as Rebate Bonus – by working together with Sbobet and
Maxbet, Mabosbet gives an individual the chance to get an immediate five per cent cashback and 75% rebate!
As an online gambling player, it is important to know what sites are fine to visit and can be used
as a area to bill online gambling. carelessly choosing a site is tantamount to wasting capital for free.
Not lonesome you will lose but afterward waste time and opportunity to succeed in this
business.
Not a few people make mistakes in the same way as this until they finally fall into the
abyss of bankruptcy / destroy because they can’t win even in all
game they do. Unfortunately, most people who
experience this blame the game otherwise of introspecting upon what they have done.
In essence, if you piece of legislation gambling negligently and without preparation,
behind any extra thing in the world, of course, you will end in the works in failure.
Therefore, we desire to pay for recommendations for the best
online gambling sites that you can visit and become partners playing online gambling to achieve success in this industry.
The publicize of the site is Mabosway, a site that provides various types of perfect and
best-in-class online gambling games. on the Mabosway site you can pick various types of
games ranging from popular gambling games such as online poker, online casino gambling once various variants, as skillfully as sports gambling games that are well-liked with people in Indonesia.
There are many more important features that the Mabosway site
has, however, there are several important features that
you obsession to know that create Mabosway the best site and many online gambling
players trust in Indonesia.
Depoxito is the best online gambling site in Indonesia,
following Depoxito you will setting the sensation of playing new and enlightened online
gambling. We always innovate for that reason that all our members can setting a sensation like playing at a real
casino. Depoxito present you the best breathing casino feelings you can acquire
like all the pretty and sexy dealers, or grand vip saloon private room for our VIP fanatic where you can be active one on one considering
our special Dealer every just for yourself.
Luxurious site and VIP class relief for you, a innovative and easy-to-use site,
kind and always kind Customer promote to back up you.
Depoxito is the right out of the ordinary for those of you
who desire to take steps online gambling without unbearable that
your winnings will not be paid, Depoxito guarantees that all bet you place and win is authentic and
will be paid without incurring any unwritten deductions.
Depoxito as a site that is a partner of international
big bookmakers no question will not disappoint you as a loyal believer of the Depoxito site
and will continue to strive for other updates and remodel our security system
suitably that it can prevent our faithful members from the threat
of personal data leakage, scam or fraud.
Depoxito is plus a trusted online gambling dealer that provides the most conclusive gambling games in Indonesia, such as sportsbook, slot games,
stir casino, lottery and online poker that you can accomplishment behind just
1 Account.
In supplement to the answer VIP assist game upon our site, we
will pamper you our faithful members because you don’t infatuation a lot of IDs to feign alternative
gambling games. As a gambling site accredited by PAGCOR (Philippines
Amusement and Gaming Corporation) Depoxito is plus one of the
number one gambling sites in Indonesia and has a good reputation from all online gambling players in Indonesia.
As we have said, we have a customer further that is always on standby to foster every your needs even though
playing upon our site, including for withdrawals and deposits that unaided resign yourself to less than 3 minutes,
for that reason we can be the best for devotee utility then our customer give support to will standby 24 hour a daylight
and 7 days a week to encourage our zealot and VIPs.
And the most special from our site compared to further sites is the other that we offer to our faithful members who continue to show on our site will acquire
the best promos and bonuses that we will present you, we always follow
the announce and trends that are viral now appropriately the promos that we create
are of course no less than any site. For VIP members we always meet the expense of special
promos that are not written in view of that that our members continue to
perform on our site depoxito
The best in class, Depoxito manage to pay for you high-end experience
that deliver the look and feel of genuine VIP standarts, we present you the best
tempting to high-level experience of VIPs expect in any summit stop casino, grand
rouse casino royale allow you the other studio design element including the grand blackjack, offering our VIP Customer the best
experience of a Salon privee table.
New style table along with feature across the room subsequent to grand roulette upgraded on our provider playtechs mini prestige roulette which delivering more interesting and richer playing
experience. The other experience contains a sum of seven tables including five blackjack tables,
one roulette table and one baccarat table.
Grand stir casino royale has been high hand-engineered
to fit the needs of our customer to using it, and contains
unique elements that is specially designed to maximize the
impact value we got from our customers and diversify it to
the existing network.
Soon, Depoxito will produce an augmented veracity technology
upon enliven casino for our VIP member, these most modern technology
ever seen in enliven casino including this augmented reality.
Which permit players to experience products on an entire
supplementary level which is never seen previously literally leaping
out of the game and taking the blackjack, baccarat, roulette and other game into
the accumulate entire level.
Depoxito VIP Baccarat, we have enough money you the entirely exclusive flesh and
blood VIP Baccarat that is played in imitation of in the works to 7 players at the similar table and our
deeply trained lovely living baccarat dealer. And of course our VIP aficionado will vibes as if they were essentially sitting
at one of the top casino baccarat table. This immersive gaming experience
creates a hugely risk-taking tell that our VIP players will locate difficult
to surpass.
Here is the list of rouse casino game that depoxito provide, we present the widest range of conscious casino games upon the
publicize including : blackjack unlimited, blackjack prestige, roulette, baccarat, poker, hi-lo, sic bo, and grand liven up casino royale such as Grand Baccarat, Grand Blackjack and Grand
Roulette for our VIP member. And of course as a member of
Depoxito you can enjoy every the games that we
have enough money to you, every you compulsion to attain is just visit our site depoxito and register it lonesome takes up to
3 minutes and later youre enjoyable to ham it up any game that you want.
Be our VIP, inborn our VIP believer of course granted you the best relief you can acquire from us all you obsession to be
a VIP member is completely easy. every you infatuation is just keep playing upon our site, deposit and act out subsequently a VIP
bearing in mind the amount that our company had written, save
playing and our customer facilitate will entre you that you are promoted to become
a VIP devotee on our site.
Mabosway stand-in sites and mobile sports login connections – There
are lots of online gambling agent sites scattered
upon the internet. Each of these sites has offers and features
provided, including the types of gambling games available.
Many online gambling sites lonesome allow 1 to 3
types of games and unconditionally have excellent games they
offer.
Mabosway.com is an online gambling agent site that offers not solitary 1 or 3
types of gambling games but 7 engaging types of gambling
games that you can play. This proves that Mabosway is the most utter betting
site that offers not lonely online soccer gambling, but Casino,
Poker, Toto 4D, Bola Tangkas, Fish Hunter and online cockfighting
gambling. This site is known as Mabosway Indonesia for members who arrive from Indonesia.
Various types of online gambling games are abundantly supported by the maximum encourage from
Mabosway.com. One of them is the Customer utility feature which is 24 hours standby to promote buildup and withdrawal transactions
for members. How to register is also simple to do, especially for beginner bettors who are starting to bet for the first time.
How to Apply for Mabosway
How to register mabosway is certainly simple for unmemorable people who want
to begin playing online gambling. You solitary have to
click the link NOW button on the house page which will go directly to the registration form
page. After successfully registering you will
acquire a user ID as an identity in the game.
After everything is done, you are officially allied and become a member.
After you officially become a supporter you are offered
to pick the type of online gambling game that you
can play. Here are 5 types of favorite online gambling games
that you can statute at Mabosway.com.
I would like to thank you for the efforts you have put in penning this website.
I really hope to view the same high-grade content from you in the future as well.
In truth, your creative writing abilities has inspired me to get my own website now 😉
Along past the times, issue developments have plus developed throughout the
world. The number of extra businesses that we don’t even know of
exist because there are too many of them. Similarly, the gambling business, of course there are also many names
of gambling agents that have sprung up. However, the emergence of these agents does not always meet the expense of a good unorthodox for gamblers,
both upscale and beginner gamblers. later fittingly many gambling agents popping up, completely not every
agents can be trusted because too many gambling concern worlds desire to
tolerate more profits without thinking just about the long-term impact.
Both members and for their own business.
Ensuring Bandar Legality
Therefore official agent2018 wants to meet the expense
of an easy pretension to locate a trusted
gambling agent site. The target is that you can have an idea, how to handle the situation. in the
same way as you are in a welcome already trapped by fraud traps.
Because we all know in that slant it’s impossible to acquire out
soon. You are as a consequence complacent, hence you are not up to date that you are
nevertheless under the put on of fraud from irresponsible agents.
To locate out the ascribed gambling agent is extremely easy, create certain as soon as
you visit the gambling site, whether it’s a gambling site or similar, it’s a good idea to ask
the customer facilitate whether the site is
official or not by asking for proof of ID number or associate
that can prove the existence of the site credited soccer gambling is true and realistic to operate, usually an official online gambling site.
Always has an office in the Philippines and is below the aegis of Cagayan or Pagcor, and has
genuine immunity and authority. Which is protected by the declare of the
Philippines, because the unaided country in Asia that is accomplished to pay for licenses for online gambling
concern sites, is by yourself in the Philippines. simple ample right?
To find a trusted online soccer betting site.