Setting up an HTTP/HTTPS redirect in IIS
Once the SSL certificate is installed, your site still remains accessible via a regular insecure HTTP connection. To connect securely, visitors must specify the https:// prefix manually when entering your site’s address in their browsers.
In order to force a secure connection on your website, it is necessary to set up a certain HTTP/HTTPS redirection rule. This way, anyone who enters your site using a link like “yourdomain.com” will be redirected to “https://yourdomain.com” or “https://www.yourdomain.com” (depending on your choice) making the traffic encrypted between the server and the client side.
Below are steps to setup a IIS HTTPS redirect:
- Download and install the URL Rewrite module.
- Open the IIS Manager console and select the website you would like to apply the redirection to in the left-side menu:
- Double-click on the URL Rewrite icon.
- Click Add Rule(s) in the right-side menu.
- Select Blank Rule in the Inbound section, then press OK.
- Enter any rule name you wish.
- In the Match URL section:- Select Matches the Pattern in the Requested URL drop-down menu
– Select Regular Expressions in the Using drop-down menu
– Enter the following pattern in the Match URL section: (.*)
– Check the Ignore case box
- In the Conditions section, select Match all under the Logical Grouping drop-down menu and press Add.
- In the prompted window:
– Enter {HTTPS} as a condition input
– Select Matches the Pattern from the drop-down menu
– Enter ^OFF$ as a pattern
– Press OK
- In the Action section, select Redirect as the action type and specify the following for Redirect URL:https://{HTTP_HOST}{REQUEST_URI}
- Un-check the Append query string box.
- Select the Redirection Type of your choice. The whole Action section should look like this:
- Click on Apply on the right side of the Actions menu.