over 9 years ago
Hello Friend,
Many times we need to implement SSL (Secure Socket Layer|) certificate on website for data security. After SSL implementation you don't want to allow page access through http://.
If any one try to access website using http:// then he/she should be redirected in https://. So we can achieve this implementing below rule in asp.net Web.config file.
Code:-
- <System.WebServer>
- <rewrite>
- <rules>
- <rule name="Force HTTPS" enabled="true">
- <match url="(.*)" ignoreCase="false" />
- <conditions>
- <add input="{HTTPS}" pattern="off" />
- </conditions>
- <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
- </rule>
- </rules>
- </rewrite>
- </System.WebServer>
<System.WebServer>
<rewrite>
<rules>
<rule name="Force HTTPS" enabled="true">
<match url="(.*)" ignoreCase="false" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
</System.WebServer>
We can also check visitors secure connection using Request.IsSecureConnection property. Example:-
- protected void Page_Load(object sender, EventArgs e)
- {
- if (!Request.IsSecureConnection) // check is secure connection used or not
- {
- Response.Redirect(Request.Url.AbsoluteUri.Replace("http://", "https://"));
- // redirect visitor to http to https
- }
- }
protected void Page_Load(object sender, EventArgs e)
{
if (!Request.IsSecureConnection) // check is secure connection used or not
{
Response.Redirect(Request.Url.AbsoluteUri.Replace("http://", "https://"));
// redirect visitor to http to https
}
}
0 Comment(s)