{"id":442,"date":"2018-11-01T22:19:21","date_gmt":"2018-11-02T03:19:21","guid":{"rendered":"http:\/\/zewwy.ca\/?p=442"},"modified":"2018-11-01T22:19:38","modified_gmt":"2018-11-02T03:19:38","slug":"iis-redirect-http-to-https","status":"publish","type":"post","link":"https:\/\/zewwy.ca\/index.php\/2018\/11\/01\/iis-redirect-http-to-https\/","title":{"rendered":"IIS redirect HTTP to HTTPS"},"content":{"rendered":"

<\/span>The Requirement<\/span><\/h1>\n

Recently I posted about creating and using a certificate for use on and IIS website<\/a>. I did this recently for my Dev to deploy his new web app, which required use of a devices camera for QR scanning purposes, well it runed out that the camera could not be used unless the app was secured with TLS (a certificate). So we created a cert and created a new secure binding.<\/p>\n

However, it was soon pretty apparent every time I pressed the down arrow key on my browsers URL it would use the regular HTTP (at first we removed the port 80 binding which caused site unavailable issue). So after re-adding the standard port 80 binding for regular HTTP, I decided to use a rewrite rule to handle the redirection.<\/p>\n

It wasn’t as intuitive as I thought it would be so a little google search<\/a> and I was on my way…<\/p>\n

As the source states, after you have your certificate and port binding for HTTPS, as well as one for regular HTTP.<\/p>\n

In order to force a secure connection on your website, it is necessary to set up a certain HTTP\/HTTPS redirection rule. This way, anyone who enters your site using a link like \u201cyourdomain.com\u201d will be redirected to \u201chttps:\/\/yourdomain.com\u201d or \u201chttps:\/\/www.yourdomain.com\u201d (depending on your choice) making the traffic encrypted between the server and the client side.<\/p>\n

Below you can find the steps for setting up the required redirect:<\/p>\n

<\/span>The Source<\/span><\/h2>\n
    \n
  1. \n
      \n
    1. Download and install<\/a> the \u201cURL Rewrite\u201d module.<\/li>\n
    2. Open the \u201cIIS Manager\u201d console and select the website you would like to apply the redirection to in the left-side menu:\"iisred1\"<\/li>\n
    3. Double-click on the \u201cURL Rewrite\u201d icon.<\/li>\n
    4. Click \u201cAdd Rule(s)\u201d in the right-side menu.<\/li>\n
    5. Select \u201cBlank Rule\u201d in the \u201cInbound\u201d section, then press \u201cOK\u201d:\"iisred2\"<\/li>\n
    6. Enter any rule name you wish.<\/li>\n
    7. In the \u201cMatch URL\u201d section:- Select \u201cMatches the Pattern\u201d in the \u201cRequested URL\u201d drop-down menu
      \n– Select \u201cRegular Expressions\u201d in the \u201cUsing\u201d drop-down menu
      \n– Enter the following pattern in the \u201cMatch URL\u201d section: \u201c(.*)\u201d
      \n– Check the \u201cIgnore case\u201d box<\/p>\n

      \"iisred3\"<\/li>\n

    8. In the \u201cConditions\u201d section, select \u201cMatch all\u201d under the \u201cLogical Grouping\u201d drop-down menu and press \u201cAdd\u201d.<\/li>\n
    9. In the prompted window:
      \n– Enter \u201c{HTTPS}\u201d as a condition input
      \n– Select \u201cMatches the Pattern\u201d from the drop-down menu
      \n– Enter \u201c^OFF$\u201d as a pattern
      \n– Press \u201cOK\u201d<\/p>\n

      \"iisred4\"<\/li>\n

    10. In the \u201cAction\u201d section, select \u201cRedirect\u201d as the action type and specify the following for \u201cRedirect URL\u201d:https:\/\/{HTTP_HOST}\/{R:1}<\/b><\/li>\n
    11. Check the \u201cAppend query string\u201d box.<\/li>\n
    12. Select the Redirection Type of your choice. The whole \u201cAction\u201d section should look like this:\"iisred5\"<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n

      <\/span>The Note<\/span><\/h1>\n

      NOTE: There are 4 redirect types of the redirect rule that can be selected in that menu:
      \n– Permanent (301) \u2013 preferable type in this case, which tells clients that the content of the site is permanently moved to the HTTPS version. Good for SEO, as it brings all the traffic to your HTTPS website making a positive effect on its ranking in search engines.
      \n– Found (302) \u2013 should be used only if you moved the content of certain pages to a new place *temporarily*. This way the SEO traffic goes in favour of the previous content\u2019s location. This option is generally not recommended for a HTTP\/HTTPS redirect.
      \n– See Other (303) \u2013 specific redirect type for GET requests. Not recommended for HTTP\/HTTPS.
      \n– Temporary (307) \u2013 HTTP\/1.1 successor of 302 redirect type. Not recommended for HTTP\/HTTPS.<\/p>\n

        \n
      1. Click on \u201cApply\u201d on the right side of the \u201cActions\u201d menu.<\/li>\n<\/ol>\n

        The redirect can be checked by accessing your site via http:\/\/ specified in the URL. To make sure that your browser displays not the cached version of your site, you can use anonymous mode of the browser.<\/p>\n

        <\/span>The Helping Hand<\/span><\/h1>\n

        The rule is created in IIS, but the site is still not redirected to https:\/\/<\/b><\/p>\n

        Normally, the redirection rule gets written into the web.config file located in the document root directory of your website. If the redirection does not work for some reason, make sure that web.config exists and check if it contains the appropriate rule.<\/p>\n

        To do this, follow these steps:<\/p>\n

          \n
        1. In the sites list of IIS, right-click on your site. Choose the \u201cExplore\u201d option:\"iisred6\"<\/li>\n
        2. \u201cExplore\u201d will open the document root directory of the site. Check if the web.config file is there.<\/li>\n
        3. The web.config file must have the following code block:
          \n<configuration>
          \n<system.webServer>
          \n<rewrite>
          \n<rules>
          \n<rule name=”HTTPS force” enabled=”true” stopProcessing=”true”>
          \n<match url=”(.*)” \/>
          \n<conditions>
          \n<add input=”{HTTPS}” pattern=”^OFF$” \/>
          \n<\/conditions>
          \n<action type=”Redirect” url=”https:\/\/{HTTP_HOST}\/{R:1}” redirectType=”Permanent” \/>
          \n<\/rule>
          \n<\/rules>
          \n<\/rewrite>
          \n<\/system.webServer>
          \n<\/configuration><\/i><\/li>\n
        4. If the web.config file is missing, you can create a new .txt file, put the aforementioned code there, save and then rename the file to web.config.<\/li>\n<\/ol>\n

          This one, much like my Offline Root CA post is a direct copy of the source. For the same reason, I felt I had no need to re-word it as it was very well written.<\/p>\n

          Thanks Namecheap, although it would have been nice to thank the actual author who took the time to do the beautiful write up with snippets. \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"

          The Requirement Recently I posted about creating and using a certificate for use on and IIS website. I did this recently for my Dev to deploy his new web app, which required use of a devices camera for QR scanning purposes, well it runed out that the camera could not be used unless the app … <\/p>\n

          Continue reading “IIS redirect HTTP to HTTPS”<\/span><\/a><\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"sfsi_plus_gutenberg_text_before_share":"","sfsi_plus_gutenberg_show_text_before_share":"","sfsi_plus_gutenberg_icon_type":"","sfsi_plus_gutenberg_icon_alignemt":"","sfsi_plus_gutenburg_max_per_row":"","footnotes":""},"categories":[8],"tags":[120,121,22,122],"class_list":["post-442","post","type-post","status-publish","format-standard","hentry","category-server-administration","tag-http","tag-https","tag-iis","tag-redirect"],"_links":{"self":[{"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/posts\/442","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/comments?post=442"}],"version-history":[{"count":1,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/posts\/442\/revisions"}],"predecessor-version":[{"id":443,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/posts\/442\/revisions\/443"}],"wp:attachment":[{"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/media?parent=442"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/categories?post=442"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/tags?post=442"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}