Redirecting HTTP to HTTPS is the most common requirement we receive as a sysadmin. Below are the steps to perform the task.
- Make sure you’ve got the URL rewrite module installed in IIS. If you aren’t sure if you do or not, you’ll find out quickly when you can’t find “URL Rewrite” in the steps below. Here are downloads for the 32bit version or the 64bit version.
- After you install the URL Rewrite module, you can perform the task in two ways: IIS GUI and web.config XML. I prefer doing this through the web.config file, but the GUI will also be shown here.
Requirement
To redirect http://mydomain.com -> https://mydomain.com
Using web.config XML:
Create, if it doesn’t exist already, a <system.webServer> section and copy & paste the following code. Be sure to replace mydomain with the hostname of your website.
<!-- Redirect to HTTPS --> <rewrite> <rules> <rule name="http to https" stopProcessing="true"> <match url="(.*)" /> <conditions> <add input="{HTTPS}" pattern="^OFF$" /> </conditions> <action type="Redirect" url="https://www.domain.com/{R:1}" redirectType="Permanent" /> </rule> </rules> </rewrite>
Using IIS URL Rewrite GUI:
1. Select your website in IIS Manager and then click on the “URL Rewrite” option in the features pane.
2. Once URL Rewrite screen is open, click the “Add Rules…” link in the right hand pane and enter the details as shown below.
3. Select Blank Rule from the inbound rules section.
4. Give it a descriptive name.
5. Match URL section:
- Set Requested URL to Matches the Pattern.
- Set Using to Regular Expression
- Set Pattern to (.*)
7. Next in the Conditions section. Click Add
- Set Condition Input to {HTTPS}
- Set Check if Input String to Matches the Pattern
- Set Pattern to ^OFF$
- Click OK
8. In the Actions section
- Set Action Type to Redirect
- Set Redirect URL to https://{HTTP_HOST}/{R:1}
- Set Redirect Type to Permanent(301)
- Click Apply
Now all request to that site should be redirected (301 permanent redirects) to the https version of the site.