IIS, redirect http to https

How to force site SSL and redirect anyone going to http.

1.)    Create unique redirection page and place in C:\WINDOWS\help\iisHelp\common\.  There is an example page (live) in the folder which you can copy and edit the URL to be redirected.  Rename the file to something that explains the redirection and remember the file name.

Example of the code:  Red outlines what needs to be changed

DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”>

xmlns=”http://www.w3.org/1999/xhtml”>

<head>

<meta content=”text/html; charset=utf-8″ http-equiv=”Content-Type” />

url=https://www.yourdomainname.com”/>

<title>Redirect</title>

</head>

<body>

</body>

</html>

2.)    Open IIS manager and find site to be redirected, right mouse click on the site and open the properties. Click on the “Custom Errors” tab and navigate down to the error code 403;4.  This is the error code for when you force SSL to a site and you go to it via none SSL.  Double click on this error code number and change the path to the new redirect URL file you just created in the same folder as the other error codes.


Picture of Custom error code location in IIS:

3.)    Still in the properties of the website click on the “Directory Security” tab and then on the edit button in the secure communications section of the tab.  Then place a check mark in the require secure channel (SSL) as per picture below and then click ok all the way out.  These settings take affect right away and there is no need to do a iisreset or anything.

 

And that is it.

 

Leave a Reply