Products

Solutions

Learn More

Partners

Community

Blog

About

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen

HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...Setting up an HTTP/HTTPS redirect in IIS - using URL RewriteSetting up an HTTP/HTTPS redirect in IIS - using URL Rewrite
Previous
 
Next
New Post
6/12/2018 11:40 AM
 

i'd like to make our entire DNN site secure and accessible only via HTTPS.

I'd like to re-direct all HTTP traffic to HTTPS.

I've followed this guide for a non-dnn site and it works as expected - all http pages are redirected to https.

However, when trying the same for our DNN site - it gives the following error (for each http page):

Can’t reach this page
  • Check that all network cables are plugged in.
  • Verify that airplane mode is turned off.
  • Make sure your wireless switch is turned on.
  • See if you can connect to mobile broadband.
  • Restart your router.

More information More information

There were too many redirections.

Error Code: INET_E_REDIRECT_FAILED

it doesn't seem to like this version of redirect.

Is there a way around this? Without having to enable each page individually to be secure (under advanced settings >> other settings >> [ ] Secure)?

thanks

 
New Post
6/13/2018 10:41 AM
 

Mark,

do you have the Url Rewriter module installed in IIS? If not, do so.

Then you need a rewriting rule in your web.config, looking like this (in the system.webserver section):

<rewrite>
   <rules>
      <rule name="HTTP to HTTPS redirect" stopProcessing="true">
         <match url="(.*)" />
         <conditions>
            <add input="{HTTPS}" pattern="off" ignoreCase="true" />
         </conditions>
         <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
      </rule>
   </rules>
</rewrite>


I have written a blog about DNN security, these steps are part of installing a certificate (in my case LetsEncrypt), but the blog is in German. Here is a Google translation of the article.

Having said that I have to mention a potential security issue that results from such a redirection. Read this article, section Try not to redirect from HTTP to HTTPS.

Happy DNNing!
Michael


Michael Tobisch
DNN★MVP
dnn-Connect.org - The most vibrant community around the DNN-platform
 
New Post
6/13/2018 11:20 AM
 

yes Michael,

I have the URL ReWriter and i used it to generate the script.
This is the script generated in my web config:

<rewrite>
   <rules>
      <rule name="redirect to HTTPS" stopProcessing="true">
         <match url="(.*)" />
         <conditions>
            <add input="{HTTPS}" pattern="^off$" />
         </conditions>
         <action type="Redirect" url="https://{HTTP_HOST}/{R:1}"  />
      </rule>
   </rules>
</rewrite>

 

It is slightly different, but i tried your example too, but I  still get the same error and the page won't display at all.

 
New Post
6/13/2018 1:56 PM
 
Mark,

do you have the "Secure" setting activated for the pages? This is not necessary as far as I experienced and could be the reason why you have too many redirects.

Happy DNNing!
Michael

Michael Tobisch
DNN★MVP
dnn-Connect.org - The most vibrant community around the DNN-platform
 
New Post
6/13/2018 2:16 PM
 

I have 'Secure' checked on the pages which use a webform and these pages work ok.

The problem is on all the other pages which do not have a webform and therefore do not have the 'Secure' check box selected - these pages won't work using the URL ReWriter script.

I suppose I could manually make all the other pages secure, but there are about 100 pages and I was hoping there was a better way of doing this.

thanks for the replies.

 
Previous
 
Next
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...Setting up an HTTP/HTTPS redirect in IIS - using URL RewriteSetting up an HTTP/HTTPS redirect in IIS - using URL Rewrite


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.

Content Layout

Subscribe to DNN Digest

Subscribe to DNN Digest

DNN Digest is our monthly email newsletter. It highlights news and content from around the DNN ecosystem, such as new modules and themes, messages from leadership, blog posts and notable tweets. Keep your finger on the pulse of the ecosystem by subscribing.  

What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out