Redirect HTTP to HTTPS


What is the best (and easiest) way to redirect all of my web traffic from HTTP to HTTPS. I just installed the security cert for a client.

The best way of redirection is through code where you can change or remove the redirection by its own .
For this you need to add the below lines in default page , it could be default or index page. This solution is for windows 2003 .
Response.Redirect "https://" & Request.ServerVariables("HTTP_HOST") & "

But in case of Windows server 2008 websites

URL Rewrite has a GUI to allow you to enter rules within IIS 7; in the background all this does is edit the web.config file of the site. I will tell you how to create a rule both ways.

In the following we will redirect HTTP to HTTPs using URL Rewrite.
You need to installed the URL Rewrite 2.0 windows 2008 server. (We have this on 2008 shared servers, of course you need to use web.config method on shared, but VPS clients can do this on IIS GUI)

Steps are as follows

1. Select the website you wish to configure
2. In the “Features View” panel, double click URL Rewrite
3. You will notice there are currently no rules configured for this site. Click “Add Rules…” in the Actions menu to the right of the “Features View” panel

4. Use the default “Blank rule” and press “OK”.
5. When editing a rule there are the “Name” field and 4 configuration pull down boxes.
6. Enter “Redirect to HTTPS” in the name field.
7. Next we will configure the first configuration pull down box called “Match URL”, on the right side of “Match URL” press the down arrow to expand the box.
8. Within the “Match URL” configuration box we will set the following settings:

Requested URL: Matches the Pattern
Using: Regular Expressions
Pattern: (.*)

9. We can now edit the next configuration pull down box which is “Conditions”, Press “Add…” to add a new condition to the configuration.

10. We will configure the condition with the following settings:

Condition Input: {HTTPS}
Check if input string: Matches the Pattern
Pattern: ^OFF$

Press “OK”

11. You should see your condition in the list of conditions.

For this setting we do not need to configure the “Server Variables” pull down box. Continue onto the “Action” configuration box and pull down the box by selecting the arrow on the right. We will configure the following settings for the “Action” configuration:

Action Type: Redirect
Redirect URL: https://{HTTP_HOST}/{R:1}
Redirect Type: See Other (303)

Press “Apply” then press “Back to Rules”

12. You should now see the rule configured on the main screen of the URL Rewrite module.

Test your site, it should now redirect from HTTP to HTTPS.

13. If we look at the web.config file we can see where the rule was entered. If we entered the rule directly into the web.config file it would show up in the GUI.

Web.Config Rule

You can also edit the web.config file of the site directly and you will be able to see the rule in the GUI. You will need to enter the following within the <system.webServer> </system.webServer> elements.
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions><add input="{HTTPS}" pattern="^OFF$" />
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther" />
The below code when added to an .htaccess file will automatically redirect any traffic destined for http: to https:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

You can also add the following lines of code in the index page of your site :

if($_SERVER["HTTPS"] != "on")
    header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]);

server {
    listen 80;
    server_name [URL=';'];[/URL]
    rewrite ^ [URL]$request_uri?[/URL] permanent;