Thinking of migrating your IIS 7.0 Engine to Cloud ? Previous post We have discussed regarding IIS Migration.
Today post will be redirecting our http traffic to https. This will ensure your users always accessing the site securely. There are many ways to redirect http to https, however I believe in below ideal principle :
- Gently redirect users to HTTPS so users don’t have to type in “https” in the URL
- Redirect users to the specific page that they were going to go to on HTTP (page.htm)
- Save any variables passed in the query string (?page=2)
- Work in all browsers!
- Transfer PageRank to the redirected page by using a 301 redirect, maintaining SEO
- Allow specific parts of a site to force SSL but allow HTTP on other parts of the site
- Redirect users from mydomain.com to http://www.mydomain.com
Below is my way of redirecting http to https after few research and testing. The method of setting up an IIS7 redirect HTTP to HTTPS is to require SSL on the site or part of the site and set up a custom 403.4 error page.
- Install your SSL certificate in IIS 7 and bind it to your website
- In IIS, click on the site name > go to SSL Settings section
- Check Require SSL and Require 128-bit SSL > Apply
- After doing this, users will receive this error :
5. Create a new txt file and paste the following:
6. Save the file as redirectToHttps.htm in your C:\Inetpub directory > Go back in IIS > click on site name > double-click the Error Pages option
7. Click Add > enter 403.4 as the Status code > Browse for the redirectToHttps.htm file you created > OK > Select the error code > Edit Feature Settings… > Click Custom error pages option > browse for redirectToHttps.htm file
8. Test the site and making sure it redirects
Note : Using a custom error page to redirect from HTTP to HTTPS using IIS 7.0 is the web browser must have JavaScript enabled for the redirection to work
Good Luck!!
Credit : TechNet, SSL Shopper
Andreas Wasita 