But I want my site to be on 443 and use https. So when someone types www.example.com, I want the server to redirect to https://www.example.com. The trick is to install IIS rewrite on the server, then put the following into the web.config file:
<configuration>
<system.webserver="">
<rewrite>
<rules>
<rule name="HTTP to HTTPS redirect" stopprocessing="true">
<match url="(.*)">
<conditions>
<add ignorecase="true" input="{HTTP_HOST}" negate="true" pattern="^localhost*">
<add ignorecase="true" input="{HTTPS}" pattern="off">
</add> </add> </conditions>
<action redirecttype="Found" type="Redirect" url="https://{HTTP_HOST}/{R:1}">
</action> </match> </rule>
</rules>
</rewrite>
<modules runallmanagedmodulesforallrequests="true">
</modules> </system>
</configuration>
I've seen this basic XML in multiple places on the web, so don't know who the original author is to attribute it to. But I want to talk about my addition it.
The problem with the rewrite rules is when you are testing. Your IIS Express test server isn't going to have the certificate to handle SSL traffic. So you want to turn off the rewrite rule when you are testing. The line that does that is:
<add ignorecase="true" input="{HTTP_HOST}" negate="true" pattern="^localhost*">What that says is to ignore the rule as long as the web server name is localhost.
This threw all sorts of config errors for me. Many tags aren't written with case-sensitivity; and most tags end with />.
ReplyDeletesee corrected version:-