Redirect HTTP to HTTPS on Windows IIS — Forced HTTPS
In my previous blog, I have SSL Certificate related setting done and IIS running with both HTTP and HTTPS. There are times where we want to make sure all traffics are using HTTPS, so we must redirect HTTP traffics to HTTPS.
In order to do so, we need to:
- Install rewrite module on IIS
- Configure HTTP to HTTPS rules
- That’s it and verify!
Let’s get started
Install rewrite module on IIS
Install rewrite modules from Microsoft’s website.
File called urlrewrite2.exe is downloaded, execute it.
Install through process as below.
IIS rewrite module is done.
Go back to IIS Manager and you shall see URL Rewrite feature as show below. If you do not see it, close IIS Manager and open it again.
Configure HTTP to HTTPS rules
In order to forced HTTPS, we need to configure rewrite rules, start by clicking on URL Rewrite feature.
You can add rewrite rule on IIS Server or Web sites. If you configure on IIS Server, it means all Web sites under it will be affect where rule is only affected to particular Web site if you configure it on Web site level.
In my blog, I will configure on IIS Manager level.
Next, click Add Rule(s), follow by Blank rule, then OK below.
Configure URL pattern to match rewrite rule.
Configure matching conditions.
Lastly, configure action for matched pattern.
A finished view.
Lastly, let’s access the website with HTTP and check if it is redirects to HTTPS! And succeed!!
That’s it for this series. Hope you enjoy!