Hello Friend,
Many times we need to implement SSL (Secure Socket Layer|) certificate on website for data security. After SSL implementation you don't want to allow page access through http://.
If any one try to access website using http:// then he/she should be redirected in https://. So we can achieve this implementing below rule in asp.net Web.config file.
Code:-
<System.WebServer>
<rewrite>
<rules>
<rule name="Force HTTPS" enabled="true">
<match url="(.*)" ignoreCase="false" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
</System.WebServer>
We can also check visitors secure connection using Request.IsSecureConnection property.
Example:-
protected void Page_Load(object sender, EventArgs e)
{
if (!Request.IsSecureConnection) // check is secure connection used or not
{
Response.Redirect(Request.Url.AbsoluteUri.Replace("http://", "https://"));
// redirect visitor to http to https
}
}
0 Comment(s)