How to force HTTPS using a web.config file
You need URL Rewrite module, preferably v2 (I have no v1 installed, so cannot guarantee that it will work there, but it should).
Here is an example of such web.config -- it will force HTTPS for ALL resources (using 301 Permanent Redirect):
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<clear />
<rule name="Redirect to https" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
P.S.
This particular solution has nothing to do with ASP.NET/PHP or any other technology as it's done using URL rewriting module only -- it is processed at one of the initial/lower levels -- before request gets to the point where your code gets executed.
Use web.config to redirect HTTP to HTTPs
Thanks to Dan, this worked.
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
</rule>
<rule name="WordPress Rule" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="index.php" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
Redirect HTTP to HTTPS in WEB.CONFIG compatible with IIS 8.5 (ASP.NET)
Looks like you forgot to install the rewriteurl module. Get it here:
http://www.iis.net/downloads/microsoft/url-rewrite
Web.config redirect from http to https for some sub-site
I managed to come up with a solution:
<rule name="Redirect to https">
<match url="(.*)"/>
<conditions>
<add input="{HTTPS}" pattern="Off"/>
<add input="{REQUEST_METHOD}" pattern="^get$|^head$" />
<add input="{HTTP_HOST}" pattern="(.*SomeWordFromMyUrl*)"/>
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}"/>
</rule>
Best way in asp.net to force https for an entire site?
Please use HSTS (HTTP Strict Transport Security)
from http://www.hanselman.com/blog/HowToEnableHTTPStrictTransportSecurityHSTSInIIS7.aspx
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}"
redirectType="Permanent" />
</rule>
</rules>
<outboundRules>
<rule name="Add Strict-Transport-Security when HTTPS" enabled="true">
<match serverVariable="RESPONSE_Strict_Transport_Security"
pattern=".*" />
<conditions>
<add input="{HTTPS}" pattern="on" ignoreCase="true" />
</conditions>
<action type="Rewrite" value="max-age=31536000" />
</rule>
</outboundRules>
</rewrite>
</system.webServer>
</configuration>
Original Answer (replaced with the above on 4 December 2015)
basically
protected void Application_BeginRequest(Object sender, EventArgs e)
{
if (HttpContext.Current.Request.IsSecureConnection.Equals(false) && HttpContext.Current.Request.IsLocal.Equals(false))
{
Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"]
+ HttpContext.Current.Request.RawUrl);
}
}
that would go in the global.asax.cs (or global.asax.vb)
i dont know of a way to specify it in the web.config
Related Topics
Dependency Injection Unity - Conditional Resolving
Best /Fastest Way to Read an Excel Sheet into a Datatable
How to Set Aspnetcore_Environment to Be Considered for Publishing an ASP.NET Core Application
Getting Data from Stored Procedure with Entity Framework
Dynamically Generate Linq Queries
Check If Number Is Prime Number
Tolist()-- Does It Create a New List
Multiple Httppost Method in Web API Controller
Using Global Keyboard Hook (Wh_Keyboard_Ll) in Wpf/C#
Unrecognized Escape Sequence for Path String Containing Backslashes
How to Get the Calling Method Name and Type Using Reflection
How to Get the Exif Data from a File Using C#
Best Way to Resolve File Path Too Long Exception