Forward http to https in Azure

Question

We have a deployment on Azure with a Web Role that uses https. Since this is the only way we would like our users to access the system, we want to forward users that visit the http version to the https version.

We have tried the recommendations here .

Namely, we added the following to our web.config:

<system.webServer>
<rewrite>
  <rules>
    <rule name="HTTP to HTTPS redirect" stopProcessing="true">
      <match url="(.*)" />
      <conditions>
        <add input="{HTTPS}" pattern="off" ignoreCase="true" />
      </conditions>
      <action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
    </rule>
  </rules>
</rewrite>

However, this doesn't seem to work. Does anybody have any idea how to accomplish this? It seems like it would be a common request...

Answer 1

Smarx just made a blog post about this a couple of minutes again;)

http://blog.smarx.com/posts/redirecting-to-https-in-windows-azure-two-methods

In case the site goes down here is a summary:

IIS URL Rewrite

If you're not using ASP.NET MVC but are using IIS (as in a web role), you can use the URL Rewrite module , which is installed by default. Using this module to redirect to HTTPS is fairly trivial and documented elsewhere, but getting everything to work properly in the local compute emulator is non-trivial. In particular, most examples you'll find assume that HTTP traffic will always be on port 80, which isn't always the case when testing under the compute emulator. Here's a rule that seems to work locally and in the cloud:

<system.webServer>
  <rewrite>
    <rules>
      <rule name="Redirect to HTTPS">
        <match url="(.*)" />
        <conditions>
          <add input="{HTTPS}" pattern="off" ignoreCase="true" />
          <add input="{URL}" pattern="/$" negate="true" />
          <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
        </conditions>
        <action type="Redirect" url="https://{SERVER_NAME}/{R:1}" redirectType="SeeOther" />
      </rule>
    </rules>
  </rewrite>

Answer 2

Just adding to Kevin Cloet's answer to Smarx's blog. To set RequireHttps attribute only in Release mode, you can use HttpContext.Current.IsDebuggingEnabled

    public static void RegisterGlobalFilters(GlobalFilterCollection filters) {

        if (!HttpContext.Current.IsDebuggingEnabled) {
            filters.Add(new RequireHttpsAttribute());
        }
    }

Please refer to this link: https://stackoverflow.com/a/27324439/1933168

Answer 3

Adding to the answers already mentioned here. This is obvious once you think about it but wasn't to me when I first read this post.

You do have to ensure you are opening up port 80 and binding it to your site via your ServiceDefinition file for this to work.

Sample entries look like:

   <Sites>
      <Site name="Web" physicalDirectory=".\SitesRoot">
        <VirtualDirectory name="www" physicalDirectory=".\SitesRoot\dist" />
        <Bindings>
          <Binding name="HttpsEndpoint" endpointName="HttpsEndpoint" />
          <Binding name="HttpEndpoint" endpointName="HttpEndpoint" />
        </Bindings>
      </Site>
    </Sites>

    <Endpoints>
      <InputEndpoint name="HttpsEndpoint" protocol="https" port="443" certificate="MY_SSL_CERT.pfx" />
      <InputEndpoint name="HttpEndpoint" protocol="http" port="80" />
    </Endpoints>

Answer 4

The easiest way to do it is to install the Redirect HTTP to HTTPS extension.

To install it, open up your Web App from the Dashboard and click on the Extensions tab.

Search for Redirect HTTP to HTTPS and install it.

That's it. No setup or complicated config instructions