Recently I’ve installed SSL certificate to my ASP.NET website. As my website was already indexed in search engines and referred by several other websites without SSL and just using the HTTP protocol. So, when changing the protocol to HTTPS, I’ve to make sure all the requests urls with http should be redirected to its equivalent HTTPS urls. It is easy to redirect HTTP to HTTPS protocol using the IIS URL Redirect Module and few lines of code in web.config. Follow these steps to redirect http to https with web.config.
Forcing HTTP to HTTPS using web.config
- The first thing you have to do is install URL Rewrite Module for the IIS. You can install the latest version of URL Redirect Module from https://www.iis.net/downloads/microsoft/url-rewrite. If you think the redirect module is already installed on the server, then you can confirm it by verifying the registry key \HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IIS Extensions\URL Rewrite.
- Once the URL Rewrite Module is installed, add the below lines of code in your web application’s web.config file inside <system.webServer>.
<system.webServer>
<rewrite>
<rules>
<clear />
<rule name=”Permanent HTTP to HTTPS Redirect” stopProcessing=”true”>
<match url=”.*” />
<conditions>
<add input=”{HTTPS}” pattern=”off” ignoreCase=”true” />
</conditions>
<action type=”Redirect” url=”https://{HTTP_HOST}{REQUEST_URI}” redirectType=”Permanent” appendQueryString=”false” />
</rule>
</rules>
</rewrite>
</system.webServer>
This rewrite rule in web.config does a permanent redirection to the equivalent https url. For example, the non secured url http://www.somedomain.com/somepage.aspx will be redirected to https://www.somedomain.com/somepage.aspx with a 301 HTTPS status code stating a permanent redirection. This method helps to retain the search engine indexing and ranking of the website from before implementing the SSL protocol.
Related Articles
- Solution for HTTP Error 404.13 – Not Found; deny a request that exceeds the request content length.
Reference
- About Using IIS URL Rewrite Module.
When I configure my web.config like that I get ERR_TOO_MANY_REDIRECTS. I am working on that problem since hours. Do you have any idea?
Hi Dominik Lienen,
Please go through the web.config and check if there is any other rule redirecting to a http url.