IIS Rewrite Rule in web.config to redirect HTTPS requests to HTTP

Question

I need to redirect all https requests to http, for example, if someone visits https://www.example.com/another-page/ to http://www.example.com/another-page/

I have the following rewrite rule in my web.config right now, but it's not working correctly. It's redirecting https://www.example.com/another-page/ to https://www.example.com/, so to the root of the site, but instead I want the redirect to stay in the same URL and only rewrite https to http.

 <rule name="Redirect to HTTP" stopProcessing="true">
   <match url="(.*)" />
     <conditions>
       <add input="{R:1}" pattern="^onepage/(.*)$" negate="true" />
       <add input="{HTTPS}" pattern="^ON$" />
     </conditions>
     <action type="Redirect" url="http://{HTTP_HOST}/{R:0}" redirectType="Permanent" />
 </rule>

Any help on changing the above rule so that it only changes https to http, but keeps the full url visited would be greatly appreciated!

Extremely related, though this question is not technically a dupe: http://stackoverflow.com/questions/9823010/how-to-force-https-using-a-web-config-file — Chris Moschini, Aug 04 '15 at 20:30

score 18 · Answer 1 · edited May 23 '17 at 11:45

I set up your rule, cleaned up a little, and it worked; so this isn't really answering with much new.

Suggestion: Remove the onepage input condition just for testing, as cheesmacfly suggested in the question comment.

Also, try changing the action to {R:1} instead of {R:0}. It shouldn't matter in this case, but I just like using 1 and up, to match the specific capturing group. R:0 means the entire matched string, which always confuses me just a little.

<rule name="Redirect to HTTP" stopProcessing="true">
    <match url="(.*)" />
    <conditions>
        <add input="{HTTPS}" pattern="^ON$" />
    </conditions>
    <action type="Redirect" url="http://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>

One possibility is that your browser has cached a previous attempt of your rules. When the redirectType is Permanent, and you're still developing or testing, the browser often caches a previous rule. Clear your browser cache, and/or remove the Permanent, and/or browse in incognito mode. When done testing, change it to permanent. See number 2 and 3 in this answer: https://stackoverflow.com/a/9204355/292060

Anoop Asok · Answer 2 · 2014-09-29T12:47:59.213

3

Please paste the below code in web.config file.

<rule name="Redirect to http" stopProcessing="true">
    <match url="(.*)" />
    <conditions>
        <add input="{HTTP}" pattern="off" ignoreCase="true" />
    </conditions>
    <action type="Redirect" url="http://{HTTPS_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>

edited Sep 29 '14 at 12:47

answered Sep 26 '14 at 06:10

Anoop Asok

1,311
1
8
20

Thanks, but as stated in the question, site is running on IIS not Apache, so no .htaccess file. Instead I'm using a web.config file and the IIS rewrite module. – IntricatePixels Sep 26 '14 at 20:14
1

I think you have misstyped HTTP and HTTPS. They must be reversed – Nomikos Strigkos Jul 18 '18 at 08:42

IIS Rewrite Rule in web.config to redirect HTTPS requests to HTTP

2 Answers2

Linked