How to redirect HTTP to HTTPS in IIS

Redirect are very common for web servers for most if not all websites these days.  This post I am using the URL Rewrite, if your server does not have already you need to download URL Rewrite extension which works With IIS 7, IIS 7.5, IIS 8, IIS 8.5, IIS 10.  Note.  If you already have the URL Rewrite you can skip to the section Adding Redirect Rule

Installation of URL Rewrite:

You can download directly from this link: https://www.iis.net/downloads/microsoft/url-rewrite

If you already have the Web Platform Installer, you can double click and find it there, under your web server>Sites>Select site>on the right-side panel you will see Management section

To start the installation double click on the URL Rewrite and click Install

Read the terms then click on I Accept

If everything goes well you should see, successfully installed, click Finish
you should see the URL Rewrite, if you don’t close the IIS Manager and re-open it.

Adding Redirect Rule:

Double click on the URL Rewrite for the site you want to redirect

Add your rules here, which fits your needs you may need more than one rules

I am going to create a rule to redirect HTTP to HTTPS:

Click Add Rules(s)
Then click on Blank rule (for Inbound rules)

Fill in the Name and other options shown in the screenshot, then expand the Conditions and click Add

This condition will check if user type’s https, then this rule will be ignored, so it avoids the loop

Nothing set on the server variables, unless you needed in some special case, you can add it, Next, we want to set up the redirect
https://{HTTP_HOST}/{R:1}

https://docs.microsoft.com/en-us/iis/extensions/url-rewrite-module/url-rewrite-module-configuration-reference

Your Rule should look something like this if you open your web.config file:
        <rewrite>
            <rules>
                <rule name=”http to https redirect” stopProcessing=”true”>
                    <match url=”(.*)” />
                    <conditions logicalGrouping=”MatchAny”>
                        <add input=”{HTTPS}” pattern=”^OFF$” />
                    </conditions>
                    <action type=”Redirect” url=”https://{HTTP_HOST}/{R:1}” />
                </rule>
            </rules>
        </rewrite>

If you have issues make sure to check following:

  • Make sure your webserver firewall ports 80 and 443 are opened
  • You may need to restart the IIS service for rule to take effect, also make your local cache is cleared for your browser.
  • Double-check the pattern of your rule make sure it’s correctly typed, not a typo

That’s it



Leave a Reply