0

If I type in example.com it redirects to https://example.com as I want to. However when typing http://example.com/blog it still redirects to https://example.com

<rewrite>
      <rules>
        <clear/>
         <rule name="Force HTTPS" stopProcessing="true">
          <match url="(.*)" />
          <conditions>
            <add input="{HTTPS}" pattern="off" ignoreCase="true"/>
          </conditions>
          <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="false" redirectType="Permanent" />
        </rule>
      </rules>
    </rewrite>

How can I make it add https to whatever the user wrote?

vcsjones
  • 138,677
  • 31
  • 291
  • 286
crystyxn
  • 1,411
  • 4
  • 27
  • 59
  • Did you try the code here? http://stackoverflow.com/a/47095/993547 – Patrick Hofman Sep 22 '16 at 13:38
  • Yes. I've added the outbound rules now and still, it redirectsto the root – crystyxn Sep 22 '16 at 13:42
  • please try this http://stackoverflow.com/questions/32523540/http-to-https-rewrite-too-many-redirect-loops-iis-7 and for in detail information ,please follow this artical http://www.hanselman.com/blog/HowToEnableHTTPStrictTransportSecurityHSTSInIIS7.aspx – Prashant Mohite Sep 22 '16 at 13:44

1 Answers1

1

You can use attribute [System.Web.Mvc.RequireHttps] for controller.

If you need it on all controller, you can use following code (only Asp.Net MVC6/core).

public void ConfigureServices(IServiceCollection services)
{
  services.AddMvc(options =>
    {
        options.Filters.Add(typeof(RequireHttpsInProductionAttribute));
    });
}

Note: And you can use HSTS to avoid client to use http request next time.

  <system.webServer>
    <httpProtocol>
      <customHeaders>
        <add name="Strict-Transport-Security" value="max-age=31536000"/>
      </customHeaders>
    </httpProtocol>
</system.webServer>
qin
  • 1,627
  • 15
  • 22