Tuesday, February 27

How to redirect HTTP requests to HTTPS in IIS?

Security in information technology is a big concern today. Especially, where the end-users are using the application or website (username, password or personal data, etc.. ) need to be encrypted to meet the data protection requirements. IIS is one of the most used web servers to host such applications and websites. Creating the websites in windows server IIS is easy (HTTP or HTTPS). But, to redirect to HTTPS even users enter the HTTP address is a little bit tricky. This post is a step-by-step guide to redirect HTTP requests to HTTPS automatically or forcefully in windows server IIS.

Download the URL Rewrite module or extension from the link below and install.

Open the Internet information service (IIS) manager from the server manager or by typing IIS or inetmgr in the Search section of windows. You will find the URL Rewrite module within the respective website. Before starting the configuration make sure that you have the correct bindings.

IIS Bindings

Double click or open the URL Rewrite module. Click on Add Rule(s), select Blank rule, and ok.

URL Rewrite Add new rules.

Now it’s time to create the redirect rule. Specify the rule name, in this article, it is HTTP to HTTPS Redirect. Leave default values in the Requested URL and Using section. The pattern must be the (.*).

Creating Redirect Rule 1

Expand the Condition section. Select Add, Condition input is {HTTPS} and Pattern is ^OFF$. Click on OK. In the Action section Action type is Redirect, Action Properties is Redirect URL, and Redirect type is Permanent (301).

Creating Redirect Rule 2

Restart the IIS service. Enter http://yoursitename.com, the request will be redirected to HTTPS automatically.

Leave a Reply

Your email address will not be published. Required fields are marked *