Re: Getting default of https:// instead of http://

• Previous message: Miha Pihler [MVP]: "Re: 403 Forbidden - The server denies the specified (URL)."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 18 Jan 2005 08:53:22 -0800

This only works if the end user has "show friendly HTTP error messages"
turned OFF in IE. If they don't have it turned off, IE will give them a
locally generated error message and never even look at the custom
403.4.

This is *not* an issue with Firefox/Netscape/any other non-IE browser.

David Wang [Msft] wrote:
> This is also a FAQ, so make good use of Google...
>
> Actually, you're asking the wrong question... You cannot force IIS
to use
> https://www.mysite.com because IIS does not make the decision of what
> protocol to use on a given request.
>
> When someone types in www.mysite.com, the BROWSER/CLIENT CHOOSES a
default
> protocol, like http://, to prepend to the URL and make the request.
>
> What you CAN do is configure IIS to only accept SSL requests. Now,
when a
> browser makes a http:// request, IIS will respond with a 403.4 custom
error
> telling the browser "this web page requires SSL". However, browsers
will
> just dumbly display that custom error... so what you have to do is
change
> the 403.4 custom error that IIS responds with to be a 302 redirection
to
> https:// (sorta like the web server telling the browser "hey you, I
don't
> accept HTTP requests, but if you let me redirect you to this HTTPS
URL, we
> can try that again" ).
>
> This is pretty easy to do -- create a ASP page that uses
Response.Redirect ,
> set it for the 403.4 custom error, and turn on "SSL-only" at the root
of
> your website.
>
> Now, if you also need vdirs that are NOT SSL-only, you obviously need
to
> configure them specifically to accept non-SSL requests (uncheck the
"only
> accept SSL requests" option) and change their 403.4 custom error as
> appropriate.
>
> --
> //David
> IIS
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> //
> "David" <anonymous@discussions.microsoft.com> wrote in message
> news:52E16370-54EE-4732-80EF-CF20B0E0D58D@microsoft.com...
> I am using SSL on the root of my web site. How can I force IIS to
use
> "https://www.mysite.com" instead of the default
"http://www.mysite.com" when
> someone types in "www.mysite.com"
>
> Thanks in advance.
>
> David Johnson

• Previous message: Miha Pihler [MVP]: "Re: 403 Forbidden - The server denies the specified (URL)."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]