Publishing Magento with ISA 2006 Firewall

Last modified by bigphil on Thu, June 24, 2010 15:24
Source|Old Revisions  

This is an old revision of the document!

This is just a quick information guide on how to publish a Magento website using Microsoft ISA 2006 Firewall. This only applies to a site that is published with a “www” prefix to the url ( If you are using something like “” then no need for the extra stuff in this article, just publish the site as you normally would with an ISA Firewall policy.

Test environment: Split-Brain DNS, Windows 2003 sp2 + all updates (to this date) w/ ISA 2006 SP1 Firewall, Windows 2003 sp2 + all updates w/ Apache http server 2.2.10, PHP 5.2.6, MySQL 5.0.67 (using Apache VirtualHosts file), Magento 1.1.6 using mod_rewrite option.

After you get your site up and running with Magento, the next thing to do is publish your site through ISA. First things first. If you were paying attention in the beginning of this article you know that this is for publishing a site, and therefore we will need to setup a rewrite rule for Apache otherwise you will run into issues with funky url’s in the front end, stuff not working in the front/back end. Edit your httpd-vhosts.conf file (apache-install-dir/conf/extra) and create a new vhost, or edit your current one to mimic the following:

# Start <VirtualHost *:80> DocumentRoot C:/www/example1/magento ServerName ServerAlias <Directory C:/www/example1/magento> AllowOverride All </Directory> RewriteEngine On RewriteCond %{HTTP_HOST} !^ [NC] RewriteCond %{HTTP_HOST} !^$ RewriteRule ^/(.*)$1 [L,R] </VirtualHost> # Stop

* The rewrite rule will allow users to browse to and be directed to with all links working correctly in front/back end.

Save the file once you’re done editing. Now you will need to enable a few things in the httpd.conf file (apache-install-dir/conf). If you havent done so already, uncomment the following line (just remove the “#” in from of them): LoadModule rewrite_module modules/

Save the file.

Now its time to create a new web publishing rule in ISA. Under the “Firewall policy” settings > Tasks Tab > click “Publish Web Sites” and type a name for the new rule (e.g.: “Allow”) Click Next

Choose the “Allow” radio button and click Next

Choose the “Publish a single Web site or load balancer” and lickc Next

Choose the correct form of security (for this example i am NOT using SSL), click Next

Type the internal site name, for this example i would type in “” (without the quotes). If ISA cant resolve the name, be sure to type in the apache servers IP address, click Next

Put a check in the box “Forward the original host header...”, click Next

Type in the Public name for the site (e.g.: ““) without the quotes, click Next

Choose the appropriate web listener or create a new one, click Next on the remaining screens and finally click Finish! Now you must Apply the new Firewall policy at the top of the ISA management screen. Now open your new policy by right clicking on it and choosing “Properties”, go to the “Public Name” tab and add a new address to the list (i.e.: “”) no quotes. You should now have to addresses listed, and Click apply and then test the rule using the “Test Rule” button (if you have ISA 2006 SP1). If all the tests passed you should now be able to navigate to and Apache will rewrite the request to so everything works as you want it!!!