IIS 7 Require SSL automatically redirect to https://
Solution 1
There are a few ways you can do this but if you have the URL Rewrite Module installed, it's fairly easy and a good way to do it.
You can paste the below configuration into your site's web.config file (enclosed in the <system.webServer></system.webServer>
section)
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="https redirect">
<match url="(.*)" ignoreCase="false" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="false" />
</conditions>
<action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}{REQUEST_URI}" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
OR you can use the IIS's UI to make a new rule like in the below screenshot.
Solution 2
First, you need to disable 'Require SSL' in SSL Settings. Then you can follow Scott's solution.
RuslanY Blog's blog has a bunch of useful rules for IIS: 10 URL Rewriting Tips and Tricks
Solution 3
You could also use UrlRewriter.NET. The rules to use with that, look like this:
<rewriter>
<if header="HTTPS" match="^OFF$">
<redirect url="(.*)" to="https://yourdomain.example$1"/>
</if>
</rewriter>
venky
Updated on September 18, 2022Comments
-
venky over 1 year
I've configured IIS 7 to require SSL. Can I automatically redirect non-SSL requests to be encrypted?
For example, if a user types in
http://domain.example
, can IIS redirect the request tohttps://domain.example
rather than display the 403 error page? -
Dez Udezue about 7 yearsWhat does the off signify? this answer works btw
-
Admin almost 2 yearsAh! What you gave for the web.config was perfect. I put that in my configs and everything went exactly how I wanted. I know we aren't supposed to say thanks in comments, so I'm doing by saying that it works wonderfully!