Redirect http to https

[OJM]

Hi,

I was hoping someone might be able to help me please?

At my place of work, we run the online version of Outlook, so people can check their emails from home.

Because this runs through a secure address (https) when people browse to the http address, it says the person isn't authorised to view it.

Is there anyway I can set it up on the server (where it's hosted), so if someone types in the address with http, it will automatically redirect them to the https address (or display a page saying 'you are being redirected etc')?

Thanks in advance for your help!

Kind regards,

Oli Mortimer

 

[antic]

This would be a question for your server's IT support, wouldn't it?

 

[OJM]

I work in the ICT department of the company, and was just wondering how I can config IIS to do the above (redirect HTTP to HTTPS, instead of showing a "HTTP Error 403 - Forbidden")

 

[antic]

ah Well I'm not an iis admin, but logically you would first have to make sure iis is allowing http (port 80) connections - that is port 80 is mapped to your site in iis.

Once that's done and you can see the default site by browsing to the server, you need to write the little ASP script to do the redirection, which would simply be Response.Redirect "https://www.yourdomain.com"

You can check the ServerVariables collection to see if the user has connected using a secure connection or not - if they haven't that's when you do the redirection.

 

[Sailor]

Just saw this post today, but in case you're still looking here's how I do it. This first checks if they used www (since my SSL cert only works on that domain). Then I reconstruct the original URL with https and www and redirect them wher they were going.

<%
' ForceSSL.asp
' included at top of all admin pages to force use of SSL
Dim strSecureURL
If Request.ServerVariables("SERVER_PORT")=80 Then
if not inStr(Request.ServerVariables("SERVER_NAME"), "www.") > 0 then ' need to add the www part
strSecureURL = "https://www."
else
strSecureURL = "https://"
end if

strSecureURL = strSecureURL & Request.ServerVariables("SERVER_NAME")

strSecureURL = strSecureURL & Request.ServerVariables("URL")

strSecureURL = strSecureURL & "?" & Request.QueryString

Response.Redirect strSecureURL
End If
%>

 

[OJM]

Thanks, I'll try that one!

How would I edit that to say, if they don't have https at the start of the URL, redirect them to https ?

 

[Penhall]

A simple redirect to https: on entry would be something like:

<%
Response.Buffer = True
If (Request.ServerVariables("HTTPS") = "off") then response.redirect "https://somedomain.com/directroy"
%>

 

[Sailor]

How would I edit that to say, if they don't have https at the start of the URL, redirect them to https ?

If all you want to do is redirect to https, just check the port:

If Request.ServerVariables("SERVER_PORT")=80 Then
response.redirect("https://www.someplace.com")
end if

The rest of my script just makes sure they also have www in the URL (because my SSL cert is only for that domain name), and checks what specific page and querystring variables they were using.