Let’s say your clients type HTTP://myserver.lab to get to your site, but you want to redirect them automatically to the SSL-secured site: HTTPS://myserver.lab. Unfortunately, performing this redirection is not a regular feature in IIS 6, but there’s a nice trick to do it.
Note:
- This process will cause some downtime and disconnect all active user sessions on the website.
- If you have a server farm, make sure you perform this procedure on all servers.
Instructions for making your site accept HTTPS only:
I assume you already have a website set up on port 80.
1. Open IIS and right click on your website. Click Properties and go to the Web Site tab.
You can see that it uses port 80.
2. Now change the port to 81, or any other port you’d like your firewall to block.
That’s right, we’re blocking it, since we don’t want clients to ever reach our website over unsecured communications.
3. Now type in 443 for the SSL port. That’s the standard. Click OK.
4. Create a new website in IIS. Call it “mydomain.lab Redirect” (for example) and map it to port 80. If you’re using a host header, use the same host header as your original site.
This site is intended to be empty. We will use an IIS technique to redirect our clients.
5. This is what our IIS server looks like:
The real site is on port 81 with SSL on, and the Redirect site is on port 80.
6. Right click on the “mydomain.lab Redirect” website and click Properties. Go to the Home Directory tab.
7. Choose A redirection to a URL. Type in the address of your website, with an HTTPS protocol.
Now here are your choices:
- If you want to redirect to the same exact address, only on HTTPS – that’s all you need to do.
- If you want to redirect to a certain page, like a login page – check the “The exact URL entered above” box.
- If this redirection is permanent – and I guess it is: Check the 3rd box. It will send a different HTTP Redirect response which will tell browsers to update their cookies accordingly.
Finally, click OK and test the new configuration.
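An added example, not part of the original post: a Python check, run from a client machine, that requests the site over plain HTTP without following the redirect, reports which of the options above is in effect (IIS sends a 302 by default and a 301 when the permanent box is checked), and confirms that the moved port is not reachable. The function names and the sample page path are made up for illustration; `myserver.lab` and port 81 are the values used in this post.

```python
import http.client
import socket
from urllib.parse import urlsplit


def classify_redirect(status, location, requested_path, https_host):
    """Judge one response from the port-80 redirector site."""
    if status not in (301, 302):
        return {"ok": False, "permanent": False, "keeps_path": False,
                "problems": [f"expected a 301/302 redirect, got {status}"]}
    target = urlsplit(location or "")
    problems = []
    if target.scheme != "https":
        problems.append(f"Location is not HTTPS: {location!r}")
    if (target.hostname or "").lower() != https_host.lower():
        problems.append(f"Location names another host: {location!r}")
    if target.port not in (None, 443):
        problems.append(f"Location uses unexpected port {target.port}")
    return {
        "ok": not problems,
        "permanent": status == 301,  # 301 = permanent box checked, 302 = default
        "keeps_path": target.path == requested_path,  # False for a fixed "exact URL"
        "problems": problems,
    }


def probe_redirector(host, path="/", port=80, timeout=5):
    """Send one plain-HTTP GET and return (status, Location) without following it."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()


def port_is_blocked(host, port, timeout=3):
    """True when a TCP connect to the moved site port fails or times out."""
    try:
        socket.create_connection((host, port), timeout=timeout).close()
        return False
    except OSError:
        return True


if __name__ == "__main__":
    host, page = "myserver.lab", "/some/page.htm"  # host from the post; page is made up
    print(classify_redirect(*probe_redirector(host, page), page, host))
    print("port 81 blocked:", port_is_blocked(host, 81))
```

Request a path other than the redirect target itself, so that `keeps_path` can tell the first two options apart.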
So what did we do?
We changed the listening port of the website from 80 to something else, and created a separate “redirector” website that listens on port 80. The redirector tells the browser to switch to SSL, and the browser’s new request, now over HTTPS, goes to the original website.
Now just don’t forget to block the new port you chose for the website!
Enjoy. :)
Dor Rotman.