Link to home
Start Free TrialLog in
Avatar of Brian
BrianFlag for United States of America

asked on

URL Rewrite

Hi EE,

I need to redirect users in my web.config file if a user tries to enter http://mysite.com/secure which should be https://mysite.com/secure. Is there a way to do this in the web.config file such as URL Rewrite? I don't have access to IIS since I'm on a Shared Hosting Plan so it needs to be done in web.config file.

Thanks in advance!!!
Avatar of Yiogi
Yiogi
You can do it easily in your global.asax. Just add this method, or add the code inside it, if you already have the method specified.


protected void Application_BeginRequest(Object sender, EventArgs e)
{
   if (!HttpContext.Current.Request.IsSecureConnection)
   {
    Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"]
+   HttpContext.Current.Request.RawUrl);
   }
}

Open in new window

Avatar of Brian
Brian
Flag of United States of America image

ASKER

Hi Yiogi,

Ok, but where do I put the URL that I want to have redirected to https at?
Avatar of SAMIR BHOGAYTA
SAMIR BHOGAYTA
Flag of India image
Avatar of Brian
Brian
Flag of United States of America image

ASKER

That does not show how to redirect a user who visits http://www.mysite.com to https://www.mysite.com. I need to have the http site redirected to https. Can  you show me how to do this?
Avatar of Rahul Agarwal
Rahul Agarwal
Flag of India image
add global.asax file from right click on project in solution explorer->add new items->add global.asax file.

Put this code:

protected void Application_BeginRequest(Object sender, EventArgs e)
{
   if (!HttpContext.Current.Request.IsSecureConnection)
   {
    Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"]
+   HttpContext.Current.Request.RawUrl);
   }
}
Avatar of Yiogi
Yiogi
You will not put the url to redirect to anywhere. It will redirect the user to the exact same url he typed in the address but to secure version of the page instead. So if for example user navigated to:

http://www.mysite.com/test/default.aspx?asds=value

he will be redirected to:
https://www.mysite.com/test/default.aspx?asds=value

This is exactly what Request.ServerVariables["HTTP_HOST"] +   HttpContext.Current.Request.RawUrl
will do for you. Replace the url with the one the user originally navigated to. That is the beauty of it.
Avatar of Brian
Brian
Flag of United States of America image

ASKER

Hi Yiogi,

Not sure where to put the http URL at in the following code that you provided below.


protected void Application_BeginRequest(Object sender, EventArgs e)
{
   if (!HttpContext.Current.Request.IsSecureConnection)
   {
    Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"]
+   HttpContext.Current.Request.RawUrl);
   }
}
ASKER CERTIFIED SOLUTION
Avatar of Yiogi
Yiogi
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Brian
Brian
Flag of United States of America image

ASKER

Hi Yiogi,

No, still confused, you are showing the same URL's above. You also mention asp.net as an example but not in the code you provided. All my pages DO NOT require SSL only a certain directory such as "client/secure/index.aspx" so i need to make sure that if someone types in http://mysite.com/client/secure/index.aspx they get redirected to https://mysite.com/client/secure/index.aspx.
Avatar of Yiogi
Yiogi
Ah ok, I apologize I thought you wanted it for all the pages.

The code I have there will redirect the user to SSL for any page in the website if you place it in the global.asax file.

Just place the code below in your index.aspx.cs then. And you are all set.
protected override void OnInit(EventArgs e) {
        base.OnInit(e);
        if (!HttpContext.Current.Request.IsSecureConnection) {
            Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"] + HttpContext.Current.Request.RawUrl);
        }
    }

Open in new window