2
SmarterMail v15.1.6005 - Installation breaks HTTP>HTTPS redirect in IIS
Problem reported by Nathan Harrington - July 14, 2016 at 9:16 PM
Resolved
When I upgraded to SM v15.1.6005 earlier this week, I noticed that some part of the upgrade process is removing the custom error page in IIS that redirects from http to https to force everyone to use a secure connection.  I'm not sure if this is part of the SM uninstall, or the SM install, but I had to manually recreate this custom error page.  The same thing happened on my test server when I was doing initial testing.
 
I'm referring to Internet Information Services (IIS) Manager > Sites > SmarterMail > IIS > Error Pages, and specifically to a custom 403.4 redirect on that page.
 
It's not difficult to fix it, but it's annoying that I have to.  Is there some reason why the SM uninstall or SM install is deleting this redirect.  Note that I'm not sure where in the process it's happening, but nothing else in the instructions touches IIS, so those seem like the two most likely sources of the issue.

4 Replies

Reply to Thread
0
Sean Middlemore Replied
July 15, 2016 at 8:33 AM
Yup, this happens to us whenever we upgrade or reinstall SmarterMail. 
1
Scarab Replied
July 15, 2016 at 2:43 PM
Yes, the SmarterMail installer overwrites the \SmarterMail\MRS\web.config on every upgrade.
 
If you don't want to keep adding your URL Rewrite for HTTP > HTTPS to the \MRS\web.config on every update then you would want to add your URL Rewrite at the Server level instead of the Website level (this is assuming that your server is only running SmarterMail and no other websites).
 
The global file is located: C:\Windows\system32\inetsrv\config\applicationHost.config
 
You would add your Rewrite Rule as follows:
 
        <rewrite>
            <globalRules>
                <rule name="Redirect to HTTPS" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions>
                        <add input="{HTTPS}" pattern="^OFF$" />
                    </conditions>
                    <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther" />
                </rule>
            </globalRules>
        </rewrite>
Of course, you will have to stop the World Wide Web Publishing Service before making this change and restart it when your change is complete, but you do not have to stop/start the SmarterMail service. 
 
Note: if you are hosting multiple sites (i.e., mail.customerdomain.com) but only one SSL Certificate for the Mail Server's Hostname then you'd change https://{HTTP_HOST}/{R:1} to https://fqdn.yourserver.com/{R:1}
0
Nathan Harrington Replied
July 16, 2016 at 9:50 AM
Thanks for the info.  That explains it. 
 
As I mentioned, it's not a huge deal, more just an annoyance.  It might be worth SmarterTools adding a note to the upgrade procedures though, as it was something that has to be fixed after every upgrade for those of us that use it.
0
Andrea Rogers Replied
January 20 at 1:42 PM
Employee Post
Hello Nathan,
 
I wanted to give you a heads up that the ability to force all traffic over HTTPS will be a native setting option in SmarterMail 16.x, which is currently in BETA and scheduled for final release this first quarter of the year. Going forward, once your site is configured in IIS and a valid SSL cert is installed on the server, you can enable a setting in SmarterMail to require an SSL connection. This setting will be found in the Miscellaneous Settings > Server Info section. The Administrator will see the following settings: Require SSL and Allow domains to override SSL Requirement. 
 
For versions earlier than 16.x, we would recommend following Scarab's suggestion of adding your URL rewrite on the server level instead. 
 
Thank you!
Andrea Rogers
Communications Specialist
SmarterTools Inc.
(877) 357-6278
www.smartertools.com

Reply to Thread