IIS: Redirect from http to https
April 30, 2005 Leave a comment
I had the need to move access to a site from http to https to accommodate a customer requirement. We had already published the http URL, and wanted to minimize the effect on the customer by redirecting requests to the SSL port.
Once SSL is required to access a web site, accessing the site via port 80 generates a useful error that advises the user to use https instead of http when accessing the site. Confirm you have access to the site over SSL by navigating to it using the https protocol.
To redirect from port 80 to 443, we must create an ASP file that redirects to the same URL over SSL upon the 403.4 (SSL required) error. The redirection file queries the request for Port 80 and reconstructs the URL for access via https. We must also create a virtual directory that points to the original application directory to support redirection.
For the purposes of this example:
- The original (and newly secure) directory is called ‘AppDirectory’.
- The redirection file is called ‘AppDirectory_Redirect.asp’.
- The redirection support directory is called ‘AppDirectory_Redirect’.
First, create the redirection file and save it to ‘AppDirectory’ as ‘AppDirectory_Redirect.asp’. Here is the code:
If Request.ServerVariables("SERVER_PORT")=80 Then
‘ Get server variables
strQUERY_STRING = Request.ServerVariables("QUERY_STRING")
‘ Fix the query string:
strWork = Replace(strQUERY_STRING,"http","https")
strWork = Replace(strWork,"403;","")
‘ Now, set the new, secure URL:
strSecureURL = strWork
‘response.write(strSecureURL) ‘ uncomment for sanity check.
In this example, do not change “SERVER_PORT” or “SERVER_NAME” as they’re the hard-coded names of the server variables.
In IIS, use the virtual directory creation wizard to create the redirect virtual directory ‘AppDirectory_Redirect’, pointing to ‘AppDirectory’ as the physical path. Leave the access permissions as Read.
In IIS, right click the original application directory ‘AppDirectory’ and click properties. Follow these steps:
- Click the ‘Custom Errors’ tab and double-click 403.4.
- In the ‘Message Type’ box, click URL.
- In the URL box, type ‘/AppDirectory_Redirect/AppDirectory_Redirect.asp’ (redirecting to the redirect file you created earlier).
- Click the ‘Directory Security’ tab.
- Under secure Communications, click ‘Edit’.
- Select ‘Require secure channel (SSL). Set 128-bit encryption as appropriate for your certificate.
- Click ‘OK’ until your changes are saved.
- Restart IIS Admin.
Note: you can always restore the original 403.4 error message by clicking ‘Set to Default’
Test the site by navigating to ‘http://AppDirectory’; you should be redirected to the site over https.