469,626 Members | 1,392 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,626 developers. It's quick & easy.

Force entire site HTTPS using Web.Config

I know this can be done in IIS, and it may even be the preferred method
but can someone help me redirect every http request to https? I think
it could be done in the global.asax.cs or web.config but would like to
know the best way first...

Thank you for any help.
Curt

Sep 6 '06 #1
3 11795
<cu**********@gmail.comwrote in message
news:11**********************@d34g2000cwd.googlegr oups.com...
>I know this can be done in IIS, and it may even be the preferred method
but can someone help me redirect every http request to https? I think
it could be done in the global.asax.cs or web.config but would like to
know the best way first...
I've never found anything better than this:
http://www.codeproject.com/aspnet/We...id=53615&exp=0
Sep 6 '06 #2
Thanks Mark,

I have this for now, I'll try that next & see if there are any
differences in speed

protected void Application_BeginRequest(Object sender, EventArgs e)
{
if (HttpContext.Current.Request.IsSecureConnection.Eq uals(false))
{
Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"]
+ HttpContext.Current.Request.RawUrl);
}
}

Mark Rae wrote:
<cu**********@gmail.comwrote in message
news:11**********************@d34g2000cwd.googlegr oups.com...
I know this can be done in IIS, and it may even be the preferred method
but can someone help me redirect every http request to https? I think
it could be done in the global.asax.cs or web.config but would like to
know the best way first...

I've never found anything better than this:
http://www.codeproject.com/aspnet/We...id=53615&exp=0
Sep 6 '06 #3
<cu**********@gmail.comwrote in message
news:11**********************@b28g2000cwb.googlegr oups.com...
Thanks Mark,

I have this for now, I'll try that next & see if there are any
differences in speed

protected void Application_BeginRequest(Object sender, EventArgs e)
{
if (HttpContext.Current.Request.IsSecureConnection.Eq uals(false))
{
Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"]
+ HttpContext.Current.Request.RawUrl);
}
}
I'm sure that will work OK for the single requirement that you have, whereas
WebPageSecurity.dll forces individual folders and files to be secure or not
Sep 6 '06 #4

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

reply views Thread by SteveJ | last post: by
7 posts views Thread by John McDermidt | last post: by
3 posts views Thread by JIM.H. | last post: by
1 post views Thread by Jeff | last post: by
2 posts views Thread by Sergej Prokoviev | last post: by
reply views Thread by gheharukoh7 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.