Force HTTPS on domains

This method assumes that you already have a SSL Cert installed on your website.  This method also uses the IIS URL Rewrite Module which is installed on all of our servers.
 
You need to add the following block to your web.config between the <system.webServer> </system.webServer>  tags.
      <rewrite> 
       <rules> 
         <rule name="HTTP/S to HTTPS Redirect" enabled="true" stopProcessing="true"> 
         <match url="(.*)" /> 
         <conditions logicalGrouping="MatchAny"> 
           <add input="{SERVER_PORT_SECURE}" pattern="^0$" /> 
         </conditions> 
         <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" /> 
         </rule> 
       </rules> 
     </rewrite> 
 
Below is a simplified example web.config.
 <?xml version="1.0" encoding="UTF-8"?> 
 <configuration> 
   <system.webServer> 
     <rewrite> 
       <rules> 
         <rule name="HTTP/S to HTTPS Redirect" enabled="true" stopProcessing="true"> 
         <match url="(.*)" /> 
         <conditions logicalGrouping="MatchAny"> 
           <add input="{SERVER_PORT_SECURE}" pattern="^0$" /> 
         </conditions> 
         <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" /> 
         </rule> 
       </rules> 
     </rewrite> 
   </system.webServer> 
 </configuration> 
 

Add Feedback