Steven
asked on
Force HTTP URL to HTTPS - IIS 6
I'm running Windows Server 2003 with IIS 6.
My default website is setup with SSL.
When you browse to https://yadayada.com it works fine.
When you browse to http://yadayada.com you are directed to a 403 Forbidden site.
If you browse to http, I would like them redirected to https.
I thought by modifying the custom error pages I could add a redirector within the html, but there is no 403 error site. (see screen shot).
....help please
ss.jpg
My default website is setup with SSL.
When you browse to https://yadayada.com it works fine.
When you browse to http://yadayada.com you are directed to a 403 Forbidden site.
If you browse to http, I would like them redirected to https.
I thought by modifying the custom error pages I could add a redirector within the html, but there is no 403 error site. (see screen shot).
....help please
ss.jpg
ASKER
problem still exists - I also performed an iisreset a number of times.
see attached screen shot.
ss1.jpg
see attached screen shot.
ss1.jpg
That error is not the one I would expect for the 'You can only connect using HTTPS' error. It's something different.
Is it the same IIS site which is configured for SSL as it is for port 80 HTTP traffic?
-Matt
ASKER
you mean this?
ss2.jpg
ss2.jpg
Yes. It seems as though you only have one IIS website object which handles both the HTTP and HTTPS traffic. Therefore the error you are seeing is a little odd.
What happens if you enter http://yadayada.com/path_to_any_file.html into a browser. Does it come up then?
ASKER
as suggested I tried what was mentioned above and it returned the same Forbidden error.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thanks, it worked
You would need to create a page to use as the custom error. Something as simple as the HTML code I have attached would be fine.
You then need to associate that custom error page with the 403;4 HTTP Error which you see in the IIS console. This will ensure the redirect is performed when users hit your HTTP site and are prompted they must use HTTPS.
-Matt
Open in new window