After installing an SSL certificate on a website running on IIS, it’s essential to configure automatic redirection of all unsecured HTTP requests to secure HTTPS URLs. This not only enhances the site’s security but also ensures HTTPS functions correctly without requiring manual adjustments from users. This guide applies to IIS versions running on Windows Server 2022, 2019, 2016, as well as Windows 10 and 11.
You can purchase original product keys from our catalog:
Windows 11 – from 11.40 €
Windows 10 – from 10.40 €
Windows Server 2022 – from 28.00 €
Windows Server 2019 – from 16.90 €
Windows Server 2016 – from 11.50 €
Step 1: Installing the IIS URL Rewrite Module
To configure traffic redirection in IIS, you need to install the IIS URL Rewrite Module 2.1.
1. Download and install the module, then restart the IIS Management Console.
2. Open Internet Information Services (IIS) Manager by running the command InetMgr.exe and select the website for which you want to configure the redirect.
Step 2: Verifying SSL Settings
Before creating a redirection rule, ensure that the Require SSL option is disabled in the site’s settings.
1. Navigate to the SSL Settings section for the site in IIS.
2. Confirm that the Require SSL option is not enabled, as enabling it may conflict with the redirection rule and result in a 403.4 Forbidden error.
Step 3: Creating a Rule for HTTP to HTTPS Redirect
Now proceed to configure the redirect rule:
1. In the IIS console, select the URL Rewrite section.
2. Click Add Rule and select Blank rule.
Step 4: Configuring Rule Parameters
1. Specify a name for the rule, e.g., Redirect HTTP to HTTPS.
2. In the Requested URL section, select Matches the Pattern.
3. In the Using section, select Wildcards.
4. In the Pattern field, enter * (use wildcard characters).
Step 5: Configuring Conditions
1. In the Conditions section, set Logical Grouping to Match All.
2. Click Add to create a new condition:
– Condition input: {HTTPS}
– Check if input string: Matches the Pattern
– Pattern: OFF
– Ignore case: Enabled
Step 6: Configuring the Action
1. In the Action section, configure the following:
– Action Type: Redirect
– Redirect URL: https://{HTTP_HOST}{REQUEST_URI}
– Redirect type: Permanent (301)
2. Save the rule and restart IIS to apply the changes by running the following command:
iisreset
Step 7: Testing the Rule
1. Open a browser and attempt to access the site via HTTP. You should be automatically redirected to HTTPS.
2. Verify that the redirect works correctly and the site is accessible via the secure protocol.
Configuring Redirect via web.config File
You can also manually configure the HTTP to HTTPS redirect by editing the web.config file. Add the following lines to the rewrite section:
These settings will ensure automatic redirection of all HTTP requests to HTTPS for your website.
