I have a little question about SSL. I have a website that we have purchased SSL and made some rewright rules in web.config. But the problem is, sometimes we can not redirect to https version. When we type the domain with https, it work perfectly, but when we delete https, we can not redirect to secure version of the site. Here is our web.config file (for privacy, I have hanged our site name as example.com);
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect to www" enabled="false" stopProcessing="true">
<match url="(.*)" />
<conditions trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="^example.COM$" />
</conditions>
<action type="Redirect" url="{MapProtocol:{HTTPS}}://www.example.com/{R:1}" />
</rule>
<rule name="AngularJS Routes" enabled="true" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="/" logRewrittenUrl="false" />
</rule>
<rule name="Redirect HTTP to HTTPS" enabled="false" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{HTTP_URL}" appendQueryString="false" redirectType="SeeOther" />
</rule>
<rule name="Force non-WWW and SSL" enabled="true" stopProcessing="true">
<match url="(.*)" negate="true" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_HOST}" pattern="^(www\.)(.*)$" />
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://example.com/{R:0}" appendQueryString="true" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
What can we do more to be sure that every time we will be redicting to secure version (https) of the link?
Did you use one of these Apache, IIS,Tomcat,Nginx? You have to set let http redirect to https.