Enforcing HTTP to HTTPS on IIS

The IIS server on Windows doesn’t have a feature that can automatically redirect traffic out of the box. There are multiple ways to accomplish it but the easiest way is probably to use a module called URL Rewrite.

Go to the URL Rewrite Module site to download the installation file and run it on a server you want to enforce the HTTPS traffic.

Once installed, go to the SSL-enabled site on IIS Manager, select URL Rewrite, Add Rules, and a Blank rule.

Name your rule and set up the details as below:

Match URL
Requested URL: Matches the Pattern
Using: Wildcards
Pattern: *
Ignore case: Checked

Logical grouping: Match Any
Condition input{HTTPS}
Check if input string: Matches the Pattern
Pattern: OFF
Ignore case: Checked
Track capture groups across conditions: Not checked

Server Variables
Leave blank.

Action type: Redirect
Redirect URL: https://{HTTP_HOST}{REQUEST_URI}
Append query string: Not checked
Redirect type: Permanent (301)

Restart the IIS server and you are all set.

Leave a Reply

Your email address will not be published. Required fields are marked *