[英]How can I enforce IIS 8.5 Web Deploy to use SSL (HTTPS) Only
I've just set-up a website on Windows 2012 (IIS 8.5). 我刚刚在Windows 2012(IIS 8.5)上建立了一个网站。
I'm using Visual Studio 2013, and I'm wanting to configure Web Deploy so that our developers can only deploy over SSL (HTTPS). 我正在使用Visual Studio 2013,并且想要配置Web Deploy,以便我们的开发人员只能通过SSL(HTTPS)进行部署。
In the website settings I've configured the SSL for the site; 在网站设置中,我已经为网站配置了SSL;
For the website binding, I only have HTTPS present; 对于网站绑定,我只使用HTTPS。
However it seems that I can still publish using WebDeploy over HTTP and I can browse to the site using HTTP, even though the file in this case wasn't found. 但是,即使没有找到这种情况下的文件,似乎我仍然可以通过HTTP使用WebDeploy进行发布,并且可以使用HTTP浏览到站点。
My main requirement is to stop developers being able to publish over HTTP. 我的主要要求是阻止开发人员能够通过HTTP发布。 How can I achieve this ?
我该如何实现?
I think you should try to redirect all HTTP Requests towards HTTPS 我认为您应该尝试将所有HTTP请求重定向到HTTPS
URL rewriting in IIS 7+: http://blogs.msdn.com/b/kaushal/archive/2013/05/23/http-to-https-redirects-on-iis-7-x-and-higher.aspx IIS 7+中的URL重写: http : //blogs.msdn.com/b/kaushal/archive/2013/05/23/http-to-https-redirects-on-iis-7-x-and-higher.aspx
Make sure that you don't have another IIS web site (usually the Default Web Site) that binds to port 80 with All unsigned IP address and no host header. 确保您没有其他IIS网站(通常是默认网站)绑定到具有所有未签名IP地址且没有主机头的端口80。 That kind of site is a "catch-all" site that gives you the 404.
这类网站是为您提供404的“全面”网站。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.