1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 6:14 pm May 1, 2026

Forum Moderators: phranque

Message Too Old, No Replies

Apache domain IIS subdomain

Allow access to the IIS subdomain, else redirect to login page

         

cbusb

4:40 pm on Jul 19, 2012 (gmt 0)

10+ Year Member



Hello,
We are a small publishing company implementing a digital magazine. After working with a software manufacturer for about 3/4 of a year to clear up some problems, we found some issues we were seeing using their software were related to trying to host the content on our LAMP VPS. Tests on IIS were ok.

We would like to restrict access to the publications to subscribers.

Our set up is this:
domain: example.com
Hosted Linux/Apache VPS

subdomain: subdomain.example.com
Hosted (shared hosting with Plesk control panel) Windows IIS server
We have turned off DNS on the Windows IIS server.

If a subscriber logs in through the main web site, a cookie is set. If the cookie is not present, we would like to keep them from being directed to subdomain.example.com. I'm not sure but was also thinking it might be good to set IIS to look for the cookie and redirect back to the login page in case someone got the IP.

Tests so far with etc/hosts on the VPS pointing to the IIS server works fine. I'd like to remove the etc/hosts entry and put a rewrite rule in place to control access.

This worked alright in tests when we were using a folder for the publication on the VPS. I've tried to find a context and rule to use in the current configuration without luck.
<Directory /var/www/vhosts/example.com/httpdocs/digitalmag>
Options +FollowSymLinks
RewriteEngine On

RewriteCond %{HTTP_COOKIE} !cookieName
RewriteRule ^(.+) http://www.example.com/magazine_login.php?$1 [L,R]
</Directory>

Desired operation:
In the current context, access to the magazine should be:
user enters url:
subdomain.example.com/201203
or
subdomain.example.com/201203?page=20

if they are logged in (if cookieName) they go to the url; and
if not logged in they go to the login page and the login page gets the url they tried so they can go to the url after they log in.

Any help is appreciated.

Thanks

[edited by: incrediBILL at 3:28 am (utc) on Jul 20, 2012]
[edit reason] replaced domain with Example.com [/edit]

lucy24

8:51 pm on Jul 19, 2012 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



One thing that jumps out at me: Do visitors to the original location arrive both with and without query strings? Your rule as written will take the original page request and convert it into a query for the login page. This will automatically delete the original query if there was one. If you also need to preserve the original query, you need a [QSA] as one of your flags.

Except in rare cases, [R] should be [R=301].

Was going to say something about the index page, but if this is all happening in your config file, that part is fine. You don't need the ^ anchor here though. By default, Regular Expressions start as soon as they can and go on as long as they can.

I assume the current rule isn't working, or you wouldn't have posted. But you don't say how it isn't working. There are more possibilities than you can shake a stick at, so 'fess up and go into detail.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 6:14 pm May 1, 2026