over 9 years ago
Hello Friend,
Many times we need to implement SSL (Secure Socket Layer|) certificate on website for data security. After SSL implementation you don't want to allow page access through http://.
If any one try to access website using http:// then he/she should be redirected in https://. So we can achieve this implementing below rule in asp.net Web.config file.
Code:-
- <System.WebServer>
- <rewrite>
- <rules>
- <rule name="Force HTTPS" enabled="true">
- <match url="(.*)" ignoreCase="false" />
- <conditions>
- <add input="{HTTPS}" pattern="off" />
- </conditions>
- <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
- </rule>
- </rules>
- </rewrite>
- </System.WebServer>
<System.WebServer> <rewrite> <rules> <rule name="Force HTTPS" enabled="true"> <match url="(.*)" ignoreCase="false" /> <conditions> <add input="{HTTPS}" pattern="off" /> </conditions> <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" /> </rule> </rules> </rewrite> </System.WebServer>
We can also check visitors secure connection using Request.IsSecureConnection property. Example:-
- protected void Page_Load(object sender, EventArgs e)
- {
- if (!Request.IsSecureConnection) // check is secure connection used or not
- {
- Response.Redirect(Request.Url.AbsoluteUri.Replace("http://", "https://"));
- // redirect visitor to http to https
- }
- }
protected void Page_Load(object sender, EventArgs e) { if (!Request.IsSecureConnection) // check is secure connection used or not { Response.Redirect(Request.Url.AbsoluteUri.Replace("http://", "https://")); // redirect visitor to http to https } }
0 Comment(s)