Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Limiting traffic to SSL version of page only

We have an external service that is currently accessible via the http (port 80, non-SSL) and https (port 443, SSL) addresses.

What is the best way to limit connections to only the https address? Is it something we can do via IIS or does it have to be done via code.

Additional info: Regular ASP.NET web service (.asmx) running on IIS on Windows 2003 server. Service is built with C# on .NET 3.5.

like image 600
mattsmith321 Avatar asked Mar 01 '23 08:03

mattsmith321


1 Answers

  1. Require SSL on the application
  2. In a custom error page for the 403 redirect the browser to the incoming URL, changing http to https along the way.

Note: Keep port 80 open for this - or there won't be a server to listen for requests to redirect.

like image 143
Greg Hurlman Avatar answered Mar 05 '23 15:03

Greg Hurlman