VisibleThread -
Help Center Find helpful articles on different VisibleThread Products

Follow

Configuring IIS as a Reverse Proxy for VT Writer

Prerequisites:

  1. You must install these two required extensions for Microsoft IIS:
    Url-Rewrite-Download
    Application-Request-Routing-Download

Creating a Server Certificate


Note: creating a certificate only needs to be done if you do not have an SSL cert for your server already.


First step is to create a SSL cert for the VisibleThread Doc server via Microsoft IIS. Open your Microsoft IIS server and navigate to the Server Certificates tab and double click it.


In the pane on the right hand side of the window you will see options for creating an SSL cert. For this example I will use a Self-Signed Certificate. 


worddavd2e55b6d0fbb183b80427f72c7f97a2c.png


Next, create a name for your certificate. Once you have entered a name. click OK.

 

Creating a Site


To create a site click Sites in the left pane.



Click Add Web Site... in the right hand pane.


worddav20f006b496a329d6f7b7a84fa684529f.png


Next, fill the Add Website form with your relevant information. Ensure the IP address: is All Unassigned. Click OK once completed. 

 

Configuring the reverse proxy

To set up the reverse proxy, navigate to your new Site and click URL Rewrite.


Next, click Add Rule(s)... in the right hand pane.



Select Reverse Proxy and click OK

 

The address must be localhost:8080. Select Enable SSL Offloading. Then click OK.

 

Configuring SSL Encryption and Port 443

To set up SSL encryption and port 443 we need to add a new binding. Navigate to your Site in the IIS Manager and select Bindings... in the right hand pane. Then click Add....

Begin filling out the form. Ensure the Type: is set to https. Leave the IP Address as All Unassigned, and set the Port to 443. Lastly, select the SSL certificate you wish to use. Then click OK.

Edit Preserve Host Headers Variable

On the server level, select Configuration Editor.


Under the system.webServer/proxy section, change the variable PerserveHostHeaders to True.

Increase Request Limit

Next, on the site level, open Request Filtering.

Click Edit Feature Settings in the left hand pane.

Change the Maximum URL Length value to 8192. Change the Maximum query string value to 4096. Then click OK.

Enable HTTP_X_FORWARDED

Select URL Rewrite on the server level. Then click View Server Variables.

Click Add... and add the three variables below.

HTTP_X_FORWARDED_HOST
HTTP_X_FORWARDED_SCHEMA
HTTP_X_FORWARDED_PROTO

Next, back on the site level, open URL Rewrite and open your existing ReverseProxy rule. Under Server Variables, click Add.... The variables you just made should be available in the drop down menu. Add each one, with the values listed below:

HTTP_X_FORWARDED_HOST      {HTTP_HOST}
HTTP_X_FORWARDED_SCHEMA     https
HTTP_X_FORWARDED_PROTO      https

iis6.png

Setting up HTTP - HTTPS Redirection

By default, after completing the IIS Reverse Proxy setup, VT Writer is available on Port 80 (HTTP) and Port 443 (HTTPS). In many cases it may be more desirable to redirect HTTP traffic to HTTPS to enforce encryption. The following steps will set up this redirection.

In the URL Rewrite menu on your IIS site, select Add Rule(s)... and then click Blank rule and click OK.

 

Choose a name for the rule, and change the pattern to (.*)

Select Conditions, then click Add. Insert {HTTPS} for the Condition Input. Insert ^OFF$ for the Pattern. Then click OK.

Next select Action, and change the Action type to Redirect. Then insert https://{HTTP_HOST}{REQUEST_URI} in the Redirect URL field. Then click Apply in the top right corner.

Lastly, move up your new redirect rule in the URL Rewrite rule list by selecting your redirect rule and clicking Move Up.

Was this article helpful?
0 out of 0 found this helpful

Get Additional Help

Visit our Helpdesk for additional help and support.