Any problems with using a 301 redirect to force https traffic in IIS?
Posted
by
Jess
on Server Fault
See other posts from Server Fault
or by Jess
Published on 2011-06-28T05:27:29Z
Indexed on
2011/06/28
8:24 UTC
Read the original article
Hit count: 265
Is there any problem with using a 301 redirect to force all traffic to go to a secure-only site? We originally had redirect rules, but enforcing SSL-only seemed more secure. Here is how we set it up:
Site 1: https://example.com/
Require SSL set
Bound to 443 only
Site 2: http://example.com
Bound to 80 only
Empty folder - no actual html or other data
301 Redirects to https://example.com
This seems to work beautifully, but are there any issues with doing this? Would any browsers not recognize the 301 redirect, or could there be security warnings during the redirect?
© Server Fault or respective owner