0

I've seen that this question has been asked quite a few times in the distant past on older versions of the architecture pattern.

I've tried to implement https with header tags in controllers, to writing custom filter methods but they all crash my web implementation.

Does anyone know how to enable HTTPS for MVC 4 projects for both debugging and deployment?

ekad
  • 14,436
  • 26
  • 44
  • 46
Zev
  • 11
  • 2
  • 3
  • What exactly are you trying to do? I would expect the HTTPS to be configured and terminated at the web server (e.g IIS) and your application need not be concerned with HTTPS if its set up correctly. – LDJ Aug 23 '16 at 14:09
  • @LDJ I'm trying to implement geolocation which has now been deprecated on non-https sites across a number of browsers. It's accordance with this article https://sites.google.com/a/chromium.org/dev/Home/chromium-security/deprecating-powerful-features-on-insecure-origins Thus I need to conform by making sure HTTPS is configured. – Zev Aug 23 '16 at 15:23

1 Answers1

0

I think you want to implement SSL-only website to prevent http access.

You can start here Implementing HTTPS Everywhere in ASP.Net MVC application and similar question here SSL pages under ASP.NET MVC

Community
  • 1
  • 1
Teoman shipahi
  • 47,454
  • 15
  • 134
  • 158
  • A quick question from spending the whole of today on this problem. Is it possible to use any of those methods on a deployed a web application online? Or will I inevitably have to purchase an SSL certificate if I wish to use HTTPS? – Zev Aug 24 '16 at 00:09
  • Yes, you will have to get SSL sertificate installed on your server. After you install, it is pretty much it. Your connections will be secured, you will not need to implement anything on the website to make it "more secure" regards to secure connection. Those implementations are more about a website supports both http and https and you wanna filter some actions specifically for https. – Teoman shipahi Aug 24 '16 at 03:37