A quick and simple method for forcing people to use HTTPS on a site. The code uses Microsofts IIS Rewrite which is an additional feature in IIS 7 and IIS 7.5. You can easily place the following code into the applications web.config and adjust accordingly, it maintains the subfolder/path string and won’t strip it out.
<configuration>
<system.webServer>
<httpErrors errorMode="DetailedLocalOnly" defaultPath="./error/404.html" defaultResponseMode="ExecuteURL">
<remove statusCode="404" subStatusCode="-1" />
<error statusCode="404" prefixLanguageFilePath="" path="./error/404.html" responseMode="ExecuteURL" />
</httpErrors>
<rewrite>
<rules>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Found" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
There’s a few examples out there that don’t seem to work to great, but the above is tested and works just file.
Hope this helps people!
Jay Greig