Automatically Redirect HTTP requests to HTTPS using ASP
|« Adding a custom search result Column (metadata) to MOSS Advanced Search||Externalizing SharePoint Content with StoragePoint »|
Series: Redirecting HTTP to HTTPS
- Automatically Redirect HTTP requests to HTTPS on IIS 6
- Automatically Redirect HTTP requests to HTTPS on IIS 7
- Automatically Redirect HTTP requests to HTTPS using ASP
- Automatically Redirect HTTP requests to HTTPS on IIS 7 using URL Rewrite 2.0
It’s possible to Force SSL on web pages using ASP. In this article I will show you how to accomplish this. To do this you need to do 2 things.
- Create a ForceSSL.asp page
- Set the file as an include on any pages that require SSL
Within your website create a file called ForceSSL.asp. I usually put this file in a directory called includes. You can get a copy of the file I used in this example here: ForceSSL.zip
<% If Request.ServerVariables("SERVER_PORT")=80 Then Dim strSecureURL strSecureURL = "https://" strSecureURL = strSecureURL & Request.ServerVariables("SERVER_NAME") strSecureURL = strSecureURL & Request.ServerVariables("URL") Response.Redirect strSecureURL End If %>
On every ASP page that requires SSL you will need to add the “include virtual” statement below, you may need to modify it to the location of your ForceSSL.asp file. If you notice on the default.asp page I have created below, I have placed the “include virtual” statement at the top of the document, you want to put it on top so it will run first.
<!–include virtual=”/include/ForceSSL.asp” –>
When implementing this solution you need to make sure to use relative paths for all references on your page because there is a possibility you will get a warning asking you if you want to display secure and insecure items. For example, if you have a logo on your page and the URL to this logo is http://domain/images/logo.jpg, do not use the whole path because including the http:// will hard code this image to use http and not https. Instead use /images/logo.jpg.