How to always forward http to https? [Answered]RSS

4 replies

Last post Sep 28, 2016 05:30 PM by radman2

  • How to always forward http to https?

    Sep 27, 2016 12:54 PM|radman2|LINK

    I've searched and can't find anything related to this.

    I have a backend web server and I want external browsers to go to https: instead of going to https: if they type in 'http://'

    So I created an Inbound Rule with:
    Match URL: 'Matches the Pattern', 'Wildcards', Pattern: *
    Conditions: 'Match all', '{HTTP_HOST}', 'Matches the Pattern', 'test.domain.com'
    Actions: 'Route to Server Farm', 'https://', Path is '/{R:0'

    If I change the Action Scheme to 'http://' it works, but then people aren't redirected to https and they can use the site as http.

    I added {HTTPS} under the 'Conditions', but that doesn't work either.

    Hopefully this is common and something simple!

  • Rovastar Rovastar

    5445 Posts

    MVP

    Moderator

    Re: How to always forward http to https?

    Sep 27, 2016 02:22 PM|Rovastar|LINK

    To be honest I am still a little confused by what you are trying to do.

    If you want all traffic to be https than a simple urlrewrite rule (done at the server level before your rewrite rules for the farms routing) is how i do it.

    If you want your backend requests to also be https then change your farm routing rule to say https rather than the offloading http. Then there will be another https connection from ARR to your webservers.
    Troubleshoot IIS in style
    https://www.leansentry.com/
  • Re: How to always forward http to https?

    Sep 27, 2016 04:02 PM|radman2|LINK

    Thanks for the reply. Yes, that wording is confusing. Here's what it should say:

    "I have a backend web server and I want external browsers to go to https instead of going to http if they type in just 'http'

    I don't want *all* traffic to be https, just on specific internal (I called them backend) servers.

    The internal servers are running Exchange and other servers run Linux for other web apps, so I want to handle all SSL on the ARR server (I'm doing that with a wildcard certificate).

    What I want to do is, for those few SSL-only internal servers, I want the user to be directed to go to https if they type http.

    For non-SSL sites, I just want them to pass through.

    Getting confused with all the {HTTP_HOST} and {HTTPS} and Match all/any options. Not sure how to accomplish what I want to do.

  • Re: How to always forward http to https?

    Sep 28, 2016 10:01 AM|Yuk Ding|LINK

    Hi radman2,

    You just need to set URL rewrite rule in non-ssl site node.

    please modify your URL rewrite rule with following script:

                    <rule name="http to https" stopProcessing="true">
                        <match url="(.*)" />
                        <conditions trackAllCaptures="true">
                            <add input="{HTTPS}" pattern="HTTPS" negate="true" />
                            <add input="{HTTP_HOST}" pattern="my.test.com" />
                        </conditions>
                        <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="true" redirectType="Temporary" />
                    </rule>
    

    Best Regards,

    Yuk Ding

    Yuk Ding

    MSDN Community Support
    Please remember to "Mark as Answer" the responses that resolved your issue.
  • Re: How to always forward http to https?

    Sep 28, 2016 05:30 PM|radman2|LINK

    Perfect, works like a charm, thank you!

    Here's a screenshot of what I entered since I don't know how to enter the scripts:

    http2https