HTTPS Redirect on Windows IIS

Redirecting HTTP to HTTPS on Windows IIS (web.config)

Today, someone commented on my post about redirecting to HTTPS using .htaccess and said:

You always share content related to Linux and PHP. What you wrote here is exactly what I need, but I use Windows IIS. Your solution doesn’t work for me because .htaccess doesn’t apply. Is there a way to do the same thing in Windows IIS?

Here’s how I responded:

Sorry, I don’t have much experience with Windows — I even use Linux at home. So most of my posts are about Linux, cPanel, and PHP. But if it’s something I’ve encountered or solved before (I’m stubborn, so I probably solved it), I’d be happy to help. Regarding your question: yes, you can absolutely redirect to HTTPS on Windows IIS — it just uses a different method and file.

Unlike Linux servers where you use .htaccess, on Windows IIS servers the redirection is done using the web.config file. You either need to update your existing web.config file or create one in your site’s root directory with the following rules:

<configuration>
  <system.webServer>
    <rewrite>
      <rules>
        <rule name="redirectToHTTPS" stopProcessing="true">
          <match url="(.*)" />
          <conditions>
            <add input="{HTTPS}" pattern="off" ignoreCase="true" />
          </conditions>
          <action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}/{R:1}" />
        </rule>
      </rules>
    </rewrite>
  </system.webServer>
</configuration>

That’s it! Once this is in place, your site will automatically redirect all HTTP requests to HTTPS on Windows IIS.

See you around…