Forcing https through a rewrite

      2 Comments on Forcing https through a rewrite

When setting up a SSL site you always have to make sure that your visitors use the correct (https://) address. With this rewrite rule you can force people to visit the site over SSL:


    
        
	    
	    
	        
	    
	    
	
    

What we do here is simple: take all non-https traffic (input=”{HTTPS}” pattern=”off”) and redirect it to the same page on a https connection. Enjoy!

2 thoughts on “Forcing https through a rewrite

  1. Jan Reilink

    Redirect a non-SSL website to HTTPS with IIS httpRedirect:

    <httpRedirect enabled="true"
    destination="https://example.com"
    httpResponseStatus="Permanent" />

    But you probably have to set up a new IIS Web Site and directory for the SSL website, to avoid a redirection loop.

Comments are closed.