Redirect HTTP To HTTPS With web.config

Recently I’ve installed SSL certificate to my ASP.NET website. As my website was already indexed in search engines and referred by several other websites without SSL and just using the HTTP protocol. So, when changing the protocol to HTTPS, I’ve to make sure all the requests urls with http should be redirected to its equivalent HTTPS urls. It is easy to redirect HTTP to HTTPS protocol using the IIS URL Redirect Module and few lines of code in web.config. Follow these steps to redirect http to https with web.config.

Forcing HTTP to HTTPS using web.config

  1. The first thing you have to do is install URL Rewrite Module for the IIS. You can install the latest version of URL Redirect Module from https://www.iis.net/downloads/microsoft/url-rewrite. If you think the redirect module is already installed on the server, then you can confirm it by verifying the registry key \HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IIS Extensions\URL Rewrite.
  2. Once the URL Rewrite Module is installed, add the below lines of code in your web application’s web.config file inside <system.webServer>.

    <system.webServer>
    <rewrite>
    <rules>
    <clear />
    <rule name=”Permanent HTTP to HTTPS Redirect” stopProcessing=”true”>
    <match url=”.*” />
    <conditions>
    <add input=”{HTTPS}” pattern=”off” ignoreCase=”true” />
    </conditions>
    <action type=”Redirect” url=”https://{HTTP_HOST}{REQUEST_URI}” redirectType=”Permanent” appendQueryString=”false” />
    </rule>
    </rules>
    </rewrite>
    </system.webServer>

    Redirect HTTP To HTTPS With web.config

This rewrite rule in web.config does a permanent redirection to the equivalent https url. For example, the non secured url http://www.somedomain.com/somepage.aspx will be redirected to https://www.somedomain.com/somepage.aspx with a 301 HTTPS status code stating a permanent redirection. This method helps to retain the search engine indexing and ranking of the website from before implementing the SSL protocol.

Related Articles

Reference


2 thoughts on “Redirect HTTP To HTTPS With web.config”

Leave your thoughts...

This site uses Akismet to reduce spam. Learn how your comment data is processed.