Professional Documents
Culture Documents
Setting Up An HTTP/HTTPS Redirect in IIS
Setting Up An HTTP/HTTPS Redirect in IIS
10. In the Action section, select Redirect as the action type and specify the following for
Redirect URL:
https://{HTTP_HOST}{REQUEST_URI}
11. Un-check the Append query string box.
12. Select the Redirection Type of your choice. The whole Action section should look like
this:
NOTE: There are 4 redirect types of the redirect rule that can be selected in that
menu:
- Permanent (301) – preferable type in this case, which tells clients that the content of
the site is permanently moved to the HTTPS version. Good for SEO, as it brings all the
traffic to your HTTPS website making a positive effect on its ranking in search engines.
- Found (302) – should be used only if you moved the content of certain pages to a
new place *temporarily*. This way the SEO traffic goes in favour of the previous
content’s location. This option is generally not recommended for a HTTP/HTTPS
redirect.
- See Other (303) – specific redirect type for GET requests. Not recommended for
HTTP/HTTPS.
- Temporary (307) – HTTP/1.1 successor of 302 redirect type. Not recommended for
HTTP/HTTPS.
The IIS redirect can be checked by accessing your site via http:// specified in the URL.
To make sure that your browser displays not the cached version of your site, you can
use anonymous mode of the browser.
The rule is created in IIS, but the site is still not redirected to https://
Normally, the redirection rule gets written into the web.config file located in the
document root directory of your website. If the redirection does not work for some
reason, make sure that web.config exists and check if it contains the appropriate rule.
1. In the sites list of IIS, right-click on your site. Choose the Explore option:
2. Explore will open the document root directory of the site. Check if the web.config file
is there.
3. The web.config file must have the following code block:
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="HTTPS force" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}"
redirectType="Permanent" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
4. If the web.config file is missing, you can create a new .txt file, put the aforementioned
code there, save and then rename the file to web.config.