web.config direct to https

MasterJiq

Member
Jul 8, 2016
385
23
Hello,

Does someone here can share web.config to redirect to https ? I tried a lot of method and read a lot of stackoverflow's thread. All I get is 'Redirect is loop' do someone can share with me ? I am on IIS 7.5/7

Thanks.
 

Blasteh

Lord Farquaad
Apr 3, 2013
1,151
513
As far as I can see, you fixed the issue because I'm loading over HTTPS. I also see you're using Cloudflare.

Next time, another type of way to force HTTPS is to turn this on in Cloudflare:
You must be registered for see images attach


Then, create a page rule like this:
You must be registered for see images attach
 

Joe

Well-Known Member
Jun 10, 2012
4,088
1,915
Not sure if this has been solved/asked but do you have a voting API on your client.php file? If yes, do you get the redirection loop afterwards? I'm not sure how this thread has 3 pages for such a simple question.

If you do use a voting API (FindRetro's) then is your redirection URL in FR set to

Sorry if I've got the wrong end of the stick.
 

MayoMayn

BestDev
Oct 18, 2016
1,423
683
You can't use web.config to go to HTTPS and PHP wont know that you are on HTTPS or not because of the fact that the certificate is not on the server or so. I did get around this by writing some PHP code tho.
PHP:
public function thisFullURL($enableSSL = NULL) {
        $serverName = $_SERVER['SERVER_NAME'];
        $uri = $_SERVER['REQUEST_URI'];  
       
        if (isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1) || isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
          $protocol = 'https://';
        }
        else {
          $protocol = 'http://';
        }
       
        $fullURL = $protocol.$serverName.$uri;
        $URL = $serverName.$uri;
       
        if ( $enableSSL && $protocol == 'http://' )
            header("location: https://{$URL}");
        else if( !$enableSSL && $protocol == 'https://' )
            header("location: http://{$URL}");
        else
            return $fullURL;
    }

Then you just have to pass true or false into the function true = SSL Redirection Enabled, false = SSL Redirection Disabled
Coded this for my framework, that both forces HTTPS and WWW if included in the website url.
PHP:
public function forceUrl()
    {
        $url = self::url();
        // Checks which protocol is used
        $proto = explode('://', $url);
        $proto = $proto[0];
        // Checks if protocol should be forced
        $protocheck = ($_SERVER['HTTP_X_FORWARDED_PROTO'] === $proto);
       
        // Checks if www should be included
        $iswwwset = (strstr($url, $proto . '://www.') ? "://www." : "://");
        $wwwhost = (strstr($_SERVER['HTTP_HOST'], "www.") !== false);
        $wwwcheck = ($iswwwset == "://www.") ?  (!$wwwhost) : ($wwwhost);

        if(!$protocheck || $wwwcheck) {
            $redirect = $url . $_SERVER['REQUEST_URI'];
            header('HTTP/1.1 301 Moved Permanently');
            header('Location: ' . $redirect);
        }
    }
 

Users who are viewing this thread

Top