
Here’s the Best Way to Enforce HTTP to HTTPS Redirection in IIS Webserver Quickly
Before you start the HTTP to HTTPS redirection process within your IIS server, you’ll need to ensure that the SSL certificate[1] is installed correctly, and for the same, you can use the SSL checker tool. Once the SSL certificate is installed, you’ll need to work on a URL rewrite to redirect your website traffic to your newly installed SSL site.
Steps for Redirecting HTTP to HTTPS in Your IIS Webserver
- First, download and install the IIS URL Rewrite Module
- Open your IIS Manager in the console and select the website you’re looking to redirect
- Select the URL Rewrite
- Click on the Add Rules
- Select Blank Rule and click OK
- Enter the Name of the rule
- In the Match URL section, under the Requested URL drop-down menu, select “Matches the Pattern.” In the Match URL part, enter: “(.*)”
- Within the condition section, select the option Match All under Logical grouping and click Add
- And, once the next window opens, enter:
- {HTTPS} as your condition input
- From the drop-down menu, select “Matches and the Pattern.“
- As the pattern enter ^OFF$
- Click OK button
- In the section Action type, click and select Redirect and then provide Redirect URL: https://{HTTP_HOST}/{R:1}
- Check the option Append Query String check box
- From the Redirection type drop-down, select Permanent (301)
- Lastly, click Apply button.
Once you complete the above steps, you’ll require to apply the rule to your website. So, HTTP URLs automatically get redirected to HTTPS. Hence, below are the steps for the same:
Setting IIS HTTP to HTTPS Redirect Rules
- In the IIS dashboard, right-click on your website name and select the option Explore
- Once you click on it, the Root Directory will open. From there, select and open the web.config file.
- Ensure your web.config file contains the below-mentioned code block. If it doesn’t, then add it.
And, if you still need to configure your web.config file within the root directory, create a new.txt file, place the code mentioned above within it, and save it with the name web.config.
Note:
Above mentioned steps are for redirecting IIS server traffic from HTTP to HTTPS. Similarly, it works for IIS servers 5, 6, 7, 8, 8.5, and IIS 10.
The post HTTP to HTTPS in IIS – Enable the HTTPS Redirection in IIS Webserver[2] appeared first on CheapSSLWeb.com Resources[3].
*** This is a Security Bloggers Network syndicated blog from CheapSSLWeb.com Resources[4] authored by CheapSSLWeb.com Resources[5]. Read the original post at: https://cheapsslweb.com/resources/how-to-enable-http-to-https-in-iis/[6]
References
- ^ SSL certificate (cheapsslweb.com)
- ^ HTTP to HTTPS in IIS – Enable the HTTPS Redirection in IIS Webserver (cheapsslweb.com)
- ^ CheapSSLWeb.com Resources (cheapsslweb.com)
- ^ CheapSSLWeb.com Resources (cheapsslweb.com)
- ^ Read other posts by CheapSSLWeb.com Resources (securityboulevard.com)
- ^ https://cheapsslweb.com/resources/how-to-enable-http-to-https-in-iis/ (cheapsslweb.com)