Improve company productivity with a Business Account.Sign Up

x
?
Solved

URL Rewrite

Posted on 2011-02-12
10
Medium Priority
?
615 Views
Last Modified: 2012-05-11
Hi EE,

I need to redirect users in my web.config file if a user tries to enter http://mysite.com/secure which should be https://mysite.com/secure. Is there a way to do this in the web.config file such as URL Rewrite? I don't have access to IIS since I'm on a Shared Hosting Plan so it needs to be done in web.config file.

Thanks in advance!!!
0
Comment
Question by:asp_net2
10 Comments
 
LVL 8

Expert Comment

by:Yiogi
ID: 34880803
You can do it easily in your global.asax. Just add this method, or add the code inside it, if you already have the method specified.


protected void Application_BeginRequest(Object sender, EventArgs e)
{
   if (!HttpContext.Current.Request.IsSecureConnection)
   {
    Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"]
+   HttpContext.Current.Request.RawUrl);
   }
}

Open in new window

0
 
LVL 4

Author Comment

by:asp_net2
ID: 34881008
Hi Yiogi,

Ok, but where do I put the URL that I want to have redirected to https at?
0
 
LVL 11

Expert Comment

by:SAMIR BHOGAYTA
ID: 34887365
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
LVL 4

Author Comment

by:asp_net2
ID: 34887594
That does not show how to redirect a user who visits http://www.mysite.com to https://www.mysite.com. I need to have the http site redirected to https. Can  you show me how to do this?
0
 
LVL 13

Expert Comment

by:Rahul Agarwal
ID: 34893877
add global.asax file from right click on project in solution explorer->add new items->add global.asax file.

Put this code:

protected void Application_BeginRequest(Object sender, EventArgs e)
{
   if (!HttpContext.Current.Request.IsSecureConnection)
   {
    Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"]
+   HttpContext.Current.Request.RawUrl);
   }
}
0
 
LVL 8

Expert Comment

by:Yiogi
ID: 34895643
You will not put the url to redirect to anywhere. It will redirect the user to the exact same url he typed in the address but to secure version of the page instead. So if for example user navigated to:

http://www.mysite.com/test/default.aspx?asds=value

he will be redirected to:
https://www.mysite.com/test/default.aspx?asds=value

This is exactly what Request.ServerVariables["HTTP_HOST"] +   HttpContext.Current.Request.RawUrl
will do for you. Replace the url with the one the user originally navigated to. That is the beauty of it.
0
 
LVL 4

Author Comment

by:asp_net2
ID: 34896233
Hi Yiogi,

Not sure where to put the http URL at in the following code that you provided below.


protected void Application_BeginRequest(Object sender, EventArgs e)
{
   if (!HttpContext.Current.Request.IsSecureConnection)
   {
    Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"]
+   HttpContext.Current.Request.RawUrl);
   }
}
0
 
LVL 8

Accepted Solution

by:
Yiogi earned 2000 total points
ID: 34921392
Ok let me try and explain better. You put the code I provided in global.asax file. That will fire when someone tries to access your website.

"if (!HttpContext.Current.Request.IsSecureConnection)" will check if the user is using an SSL connection. If he/she is nothing will happen. If he/she isn't using a secure connection then he will be redirected to:
"https://" +
Request.ServerVariables["HTTP_HOST"] will return the current website domain name. For example www.experts-exchange.com
and then finally we append the remaining of the user request with HttpContext.Current.Request.RawUrl. So for example if I had that code in the experts exchange website (assuming the website was asp.net which it isn't, but let's assume it is for the sake of the example) and visited this page which is:

http://www.experts-exchange.com/Networking/Protocols/Application_Protocols/SSL/Q_26817595.html?cid=1572#a34896233

it would automatically redirect me to:
http://www.experts-exchange.com/Networking/Protocols/Application_Protocols/SSL/Q_26817595.html?cid=1572#a34896233

The breakdown in the commands above is
https:// = "https://"
www.experts-exchange.com/    = Request.ServerVariables["HTTP_HOST"]
Networking/Protocols/Application_Protocols/SSL/Q_26817595.html?cid=1572#a34896233  = HttpContext.Current.Request.RawUrl

Is that clear enough for you?

0
 
LVL 4

Author Comment

by:asp_net2
ID: 34939002
Hi Yiogi,

No, still confused, you are showing the same URL's above. You also mention asp.net as an example but not in the code you provided. All my pages DO NOT require SSL only a certain directory such as "client/secure/index.aspx" so i need to make sure that if someone types in http://mysite.com/client/secure/index.aspx they get redirected to https://mysite.com/client/secure/index.aspx.
0
 
LVL 8

Expert Comment

by:Yiogi
ID: 34939462
Ah ok, I apologize I thought you wanted it for all the pages.

The code I have there will redirect the user to SSL for any page in the website if you place it in the global.asax file.

Just place the code below in your index.aspx.cs then. And you are all set.
protected override void OnInit(EventArgs e) {
        base.OnInit(e);
        if (!HttpContext.Current.Request.IsSecureConnection) {
            Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"] + HttpContext.Current.Request.RawUrl);
        }
    }

Open in new window

0

Featured Post

Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
Simulator games are perfect for generating sample realistic data streams, especially for learning data analysis. It is even useful for demoing offerings such as Azure stream analytics, PowerBI etc.
Through the video, you can check the migration process of Outlook PST file to PDF. Kernel for Outlook to PDF tool can convert Outlook emails with all attributes like Subject, To, From, Cc, Bcc and other folders such as Inbox, Outbox, Sent Items, Jun…
Watch the software video of Kernel Import PST to Office 365 tools which can easily import PST and OST files to Office 365 for bulk mailboxes. The process of migration is simple and user can map source and destination mailboxes and easily import data…

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question