A production deployment of SharePoint 2013 or 2016 should ensure that all HTTP traffic is encrypted in transit, however many users will still type http:// in their browser or have links that point to http:// instead of https://. In these cases it can beneficial to automatically redirect users to the proper URL. One way of accomplishing this is the URL Rewrite module for IIS.
Key Terms
Rewrite - Modifies the incoming URL, the outgoing URL, or both.
Redirection - Uses HTTP status codes such as 301 or 302 to redirect the client to a different location. This involves an additional client round trip.
Supportability for SharePoint
The support for redirects and rewrites with SharePoint is documented in
KB2818415. Since a HTTP 301/302 redirect to inform the browser of the updated URL is the preferred option for SharePoint, that will be the focus of this post. Please note that 301/302 redirects may not work with Office client applications.
Uses for redirect
In most cases a redirect is used for one of two reasons:
- Redirecting the user from http to https to enforce SSL communication. When a SharePoint farm is load balanced this is typically done using the load balancer but it some cases can be done on the SharePoint server or another server running IIS by using the IIS URL Rewrite module
- Redirecting a user who has a stale URL, typically when the name is changed during a farm migration or upgrade. This can also be done using a load balancer or any IIS server by implementing the URL Rewrite module.
Step by Step Instructions for HTTP to HTTPS redirect
#1 Download the URL Rewrite tool by following the instructions here
#2 Ensure that the IIS site you are using is configured for the proper port 80 binding. In this case we are listening for all traffic on port 80. But you could restrict this based on host header as needed
#3 Create a new URL rewrite rule
#4 Configure Rule Settings Exactly as follows
Note: In this example {HTTPS}, {HTTP_HOST}, and {REQUEST_URI} are all URL parts that can be accessed using the URL Rewrite module. More information on URL parts can be found
here.
#5 Apply the rule
#6 From the top node disable and enable the rule (alternatively perform IISReset)
Note: web.config file modifications
The URL rewrite rules get written to the web.config file for the site you are working in. For example, the above configuration should result in this addition to the web.config file:
1
2
3
4
5
6
7
8
9
10
11
|
name="Redirect to http" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
url="*" negate="false" />
logicalGrouping="MatchAny">
input="{HTTPS}" pattern="off" />
type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Found" />
|