Jasinski Technical Wiki

Navigation

Home Page
Index
All Pages

Quick Search
»
Advanced Search »

Contributor Links

Create a new Page
Administration
File Management
Login/Logout
Your Profile

Other Wiki Sections

Software

PoweredBy

Page History: Forcing SSL with a URL Rewrite Rule - IIS7

Compare Page Revisions



« Older Revision - Back to Page History - Newer Revision »


Page Revision: Tue, Sep 23, 2014, 9:36 AM


Overview

Frequently when you have a site that uses SSL, you want to force the use of SSL on all pages. Thus, when a user navigates to an http:// . . . address on the site, you would like them redirected to the equivalent https:// . . . address. This article describes how to do this within Internet Information Services 7

Procedure

Single Web Server

This procedure will work with a single web server (i.e., no load balancer). It can also be accomplished by added the following to your web.Release.config file.

<system.webServer>
  <rewrite xdt:Transform="Insert">
    <rules>
      <rule name="HTTPs Redirect" enabled="true" stopProcessing="true">
        <match url="(.*)" />
        <conditions>
          <add input="{HTTPS}" pattern="off" />
        </conditions>
        <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" />
      </rule>
    </rules>
  </rewrite>
</system.webServer>

1. Within IIS7 Manager, navigate to the site of interest > IIS group > URL Rewrite icon

2. Create a rule with the following settings

Match URL
Requested URL = Matches the Pattern
Using = Regular Expressions
Pattern = (.*)
Ignore case = unselected

Conditions (only one condition)
Logical grouping = Match All
Input = HTTPS
Type = Matches the Pattern
Pattern = off
Track capture groups across conditions = unselected

Action
Action type = Redirect
Redirect URL = https://{HTTP_HOST}/{R:1}
Append query string = selected
Redirect type = Permanent (301)

SSL Redirect Rule Settings

SSL Redirect Rule Settings


Multiple Web Servers Behind a Load Balancer - NOT Using SignalR

NOTE: This will break SignalR. See below for how to force SSL for a site that uses SignalR.

Add the following to your web.Release.config file

<system.webServer>
  <rewrite xdt:Transform="Insert">
    <rules>
      <rule name="HTTPS rewrite behind ELB rule" enabled="false" stopProcessing="true">
        <match url="^(.*)$" ignoreCase="false" />
        <conditions>
          <add input="{HTTP_X_FORWARDED_PROTO}" pattern="^http$" ignoreCase="false" />
        </conditions>
        <action type="Redirect" redirectType="Found" url="https://{SERVER_NAME}{URL}" />
      </rule>
    </rules>
  </rewrite>
</system.webServer>

ScrewTurn Wiki version 3.0.1.400. Some of the icons created by FamFamFam. Except where noted, all contents Copyright © 1999-2024, Patrick Jasinski.