Bookmark and Share Subscribe Bookmark and Share



Automatically Redirect HTTP requests to HTTPS using ASP


 « »    

It’s possible to Force SSL on web pages using ASP. In this article I will show you how to accomplish this. To do this you need to do 2 things.

  1. Create a ForceSSL.asp page
  2. Set the file as an include on any pages that require SSL


Within your website create a file called ForceSSL.asp. I usually put this file in a directory called includes. You can get a copy of the file I used in this example here:

ForceSSL.asp contents:


If Request.ServerVariables("SERVER_PORT")=80 Then

Dim strSecureURL

strSecureURL = "https://"

strSecureURL = strSecureURL & Request.ServerVariables("SERVER_NAME")

strSecureURL = strSecureURL & Request.ServerVariables("URL")

Response.Redirect strSecureURL

End If


Include File

On every ASP page that requires SSL you will need to add the “include virtual” statement below, you may need to modify it to the location of your ForceSSL.asp file. If you notice on the default.asp page I have created below, I have placed the “include virtual” statement at the top of the document, you want to put it on top so it will run first.

<!–include virtual=”/include/ForceSSL.asp” –>

When implementing this solution you need to make sure to use relative paths for all references on your page because there is a possibility you will get a warning asking you if you want to display secure and insecure items. For example, if you have a logo on your page and the URL to this logo is http://domain/images/logo.jpg, do not use the whole path because including the http:// will hard code this image to use http and not https. Instead use /images/logo.jpg.

Series NavigationAutomatically Redirect HTTP requests to HTTPS on IIS 6Automatically Redirect HTTP requests to HTTPS on IIS 7Automatically Redirect HTTP requests to HTTPS on IIS 7 using URL Rewrite 2.0

    Did I save you time and headaches? Buy me a cup of coffee.
    The more coffee I drink the more articles I can write.

5 Comments so far

  1. Hmm it looks like your site ate my first comment (it was super long)

    so I guess I’ll just sum it up what I had written and

    say, I’m thoroughly enjoying your blog. I as well am an aspiring blog blogger but I’m still new to everything.

    Do you have any suggestions for novice blog writers? I’d definitely appreciate


  2. Include Command should be like this:
    <!–-#include virtual=”/include/ForceSSL.asp” -–>
    or maybe someone is using file="/ForceSSL.asp"

    but anyway this is woking :)

  3. Have you ever considered about adding a little bit more than just your articles?

    I mean, what you say is important and all. However just imagine if you added some great images or video clips to give your posts more,

    “pop”! Your content is excellent but with pics and clips, this blog could definitely

    be one of the greatest in its niche. Wonderful blog!

  4. In fact when someone doesn’t understand then its

    up to other viewers that they will help, so here it occurs.

Leave a comment

Trackbacks on this post

  1. I-Books And Trainings: Adobe Dreamweaver E-Books Collection | ColdFusion WebDev Insider

    […] Automatically Redirect HTTP requests to HTTPS using ASP | JPPinto … […]