Solved

URL Rewrite

Posted on 2011-02-12
10
593 Views
Last Modified: 2012-05-11
Hi EE,

I need to redirect users in my web.config file if a user tries to enter http://mysite.com/secure which should be https://mysite.com/secure. Is there a way to do this in the web.config file such as URL Rewrite? I don't have access to IIS since I'm on a Shared Hosting Plan so it needs to be done in web.config file.

Thanks in advance!!!
0
Comment
Question by:asp_net2
10 Comments
 
LVL 8

Expert Comment

by:Yiogi
ID: 34880803
You can do it easily in your global.asax. Just add this method, or add the code inside it, if you already have the method specified.


protected void Application_BeginRequest(Object sender, EventArgs e)
{
   if (!HttpContext.Current.Request.IsSecureConnection)
   {
    Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"]
+   HttpContext.Current.Request.RawUrl);
   }
}

Open in new window

0
 
LVL 4

Author Comment

by:asp_net2
ID: 34881008
Hi Yiogi,

Ok, but where do I put the URL that I want to have redirected to https at?
0
 
LVL 11

Expert Comment

by:SAMIR BHOGAYTA
ID: 34887365
0
Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

 
LVL 4

Author Comment

by:asp_net2
ID: 34887594
That does not show how to redirect a user who visits http://www.mysite.com to https://www.mysite.com. I need to have the http site redirected to https. Can  you show me how to do this?
0
 
LVL 13

Expert Comment

by:agarwalrahul
ID: 34893877
add global.asax file from right click on project in solution explorer->add new items->add global.asax file.

Put this code:

protected void Application_BeginRequest(Object sender, EventArgs e)
{
   if (!HttpContext.Current.Request.IsSecureConnection)
   {
    Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"]
+   HttpContext.Current.Request.RawUrl);
   }
}
0
 
LVL 8

Expert Comment

by:Yiogi
ID: 34895643
You will not put the url to redirect to anywhere. It will redirect the user to the exact same url he typed in the address but to secure version of the page instead. So if for example user navigated to:

http://www.mysite.com/test/default.aspx?asds=value

he will be redirected to:
https://www.mysite.com/test/default.aspx?asds=value

This is exactly what Request.ServerVariables["HTTP_HOST"] +   HttpContext.Current.Request.RawUrl
will do for you. Replace the url with the one the user originally navigated to. That is the beauty of it.
0
 
LVL 4

Author Comment

by:asp_net2
ID: 34896233
Hi Yiogi,

Not sure where to put the http URL at in the following code that you provided below.


protected void Application_BeginRequest(Object sender, EventArgs e)
{
   if (!HttpContext.Current.Request.IsSecureConnection)
   {
    Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"]
+   HttpContext.Current.Request.RawUrl);
   }
}
0
 
LVL 8

Accepted Solution

by:
Yiogi earned 500 total points
ID: 34921392
Ok let me try and explain better. You put the code I provided in global.asax file. That will fire when someone tries to access your website.

"if (!HttpContext.Current.Request.IsSecureConnection)" will check if the user is using an SSL connection. If he/she is nothing will happen. If he/she isn't using a secure connection then he will be redirected to:
"https://" +
Request.ServerVariables["HTTP_HOST"] will return the current website domain name. For example www.experts-exchange.com
and then finally we append the remaining of the user request with HttpContext.Current.Request.RawUrl. So for example if I had that code in the experts exchange website (assuming the website was asp.net which it isn't, but let's assume it is for the sake of the example) and visited this page which is:

http://www.experts-exchange.com/Networking/Protocols/Application_Protocols/SSL/Q_26817595.html?cid=1572#a34896233

it would automatically redirect me to:
http://www.experts-exchange.com/Networking/Protocols/Application_Protocols/SSL/Q_26817595.html?cid=1572#a34896233

The breakdown in the commands above is
https:// = "https://"
www.experts-exchange.com/    = Request.ServerVariables["HTTP_HOST"]
Networking/Protocols/Application_Protocols/SSL/Q_26817595.html?cid=1572#a34896233  = HttpContext.Current.Request.RawUrl

Is that clear enough for you?

0
 
LVL 4

Author Comment

by:asp_net2
ID: 34939002
Hi Yiogi,

No, still confused, you are showing the same URL's above. You also mention asp.net as an example but not in the code you provided. All my pages DO NOT require SSL only a certain directory such as "client/secure/index.aspx" so i need to make sure that if someone types in http://mysite.com/client/secure/index.aspx they get redirected to https://mysite.com/client/secure/index.aspx.
0
 
LVL 8

Expert Comment

by:Yiogi
ID: 34939462
Ah ok, I apologize I thought you wanted it for all the pages.

The code I have there will redirect the user to SSL for any page in the website if you place it in the global.asax file.

Just place the code below in your index.aspx.cs then. And you are all set.
protected override void OnInit(EventArgs e) {
        base.OnInit(e);
        if (!HttpContext.Current.Request.IsSecureConnection) {
            Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"] + HttpContext.Current.Request.RawUrl);
        }
    }

Open in new window

0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Object Oriented Programming, C#, referencing, scoping. 13 69
JSON  parse help 7 40
Running powershell scripts from ASP.NET 6 25
Why use this lambda? 12 26
For those of you who don't follow the news, or just happen to live under rocks, Microsoft Research released a beta SDK (http://www.microsoft.com/en-us/download/details.aspx?id=27876) for the Xbox 360 Kinect. If you don't know what a Kinect is (http:…
Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question