November Happy Hour will be moved to Thursday December 5th.

AI OnAI Off

Is it possible to force HTTPS within the CMS?

Jallen
Jallen
Vote:
 

Hello,

We have HTTPS set up and working on our site. We force HTTPS on some pages by redirecting from HTTP to HTTPS in code.

Is there any way to configure EPiServer to force HTTPS in the CMS in a similar way, so that when the user goes to the EPiServer login page on HTTP it automatically switches over to HTTPS?

Thanks

#114163
Dec 05, 2014 11:30
Henrik Fransas
Henrik Fransas
Vote:
 

This is code, but only in web.config.

You can put this in the system.webserver inside the location /EPiServer and it will redirect it to https for that url and all below it:

<rewrite>
            <rules>
                <clear />
                <rule name="Redirect to https" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions>
                        <add input="{HTTPS}" pattern="off" ignoreCase="true" />
                    </conditions>
                    <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
                </rule>
            </rules>
        </rewrite>
#114172
Dec 05, 2014 12:17
Jallen
Jallen
Vote:
 

That works great, thanks!

#114182
Dec 05, 2014 12:56
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.