Comments on: How to Auto-Redirect to a SSL-secured Site in IIS

By: Trevor

Trevor — Wed, 28 Sep 2011 04:04:32 +0000

Awesome. Thank you for the clear and concise explanation.

By: Andy

Andy — Wed, 15 Dec 2010 09:26:08 +0000

Thanks, this was just what I was looking for:-)

Cheers
Andy

By: James Kovacs

James Kovacs — Mon, 05 Jan 2009 03:45:55 +0000

Sorry, but I’ve had to close down comments on this post as it is being spammed by a bot.

By: John Homer

John Homer — Thu, 03 Apr 2008 18:54:14 +0000

One other thing. When using custom error pages, you really need to understand the following. Read closely as there are a lot of caveats in there. Also, I’m pretty sure this applies to IE7/Vista also.

http://support.microsoft.com/?kbid=218155

You can also find more information here:

http://www.issociate.de/board/post/454180/SSL_redirection_problem.html

Cheers,
John

By: John Homer

John Homer — Thu, 03 Apr 2008 17:52:06 +0000

Also, this solution can be applied to subfolders and even individual files as they all can have Custom Errors. i slo noticed my javascript is doing a stright replace on "http". it’s posible that the URL may have that string embedded elsewhere, in hich case, it would munge the URL (bad). So someone may want to take this javascript and run with it a little further but the basic concept is proven.

By: John Homer

John Homer — Thu, 03 Apr 2008 17:41:38 +0000

We did the same using pure IIS and only 1 website. Here’s how:

1) Make a copy of the 403.4 error page (don’t trash the original) located at C:\WINDOWS\help\iisHelp\common\403-4.htm
2) Name this copy something like 403-4.redirect.htm and leave in the same folder.
3) Modify the copy and include the following javascript (asp won’t work):

This goes just below the line that says ‘’

4) In IIS manager, open the properties for the site you’re configuring and select the Custom Errors tab.
5) Modify the 403.4 error to point to your modified file and click OK.
6) Sit back and enjoy!

Now when any user hits the site using HTTP, the error page will run the javascript and redirect them to the HTTPS URL while preserving the URL and query string.

By: James Kovacs

James Kovacs — Thu, 07 Feb 2008 21:34:28 +0000

@Ruffy – You can use the exact same trick for virtual directories. Create two websites as above, a secure one requiring SSL on 443 (and some high numbered http port like 8888) and a regular one on port 80. Rather than specifying the redirect from the web root, specify it on the virtual directory. For example, if you browse to http://server.example.com/securedapp/SomePage.aspx, the redirect would be configured for https://server.example.com/securedapp. Note that we include the virtual directory name in the redirect. Hope that helps.

By: Ruffy Chris Loquia

Ruffy Chris Loquia — Tue, 05 Feb 2008 12:05:16 +0000

Hi All,

I would like to ask what is the solution for redirecting just a sub page to https? I have a site with a lot of applications that can be accessed via: http://servername/appname. Each of them works independently. I have one application which needs to be in https and I want to auto redirect only that into https so that when a user entered http://servername/securedapp it will redirect to http://servername/securedapp and the rest will remain the same. Can this be achieved through IIS configuration? Done anyone has sound advice.

I will appreciate if you will email the answers to me directly at ruffy.loquia(at)gmail.com

Thanks a lot,
Ruffy Chris

By: Luke Drewer

Luke Drewer — Mon, 29 Oct 2007 19:12:02 +0000

Will have to agree with Lec! saved me a lot of messing about.. it does what it says on the tin!

Many thanks,
Luke.

By: Lec

Lec — Thu, 21 Jun 2007 19:27:23 +0000

Awesome! thank you!