Is there a way to ensure that an ASP.NET application (only) runs on HTTPS?

Question

I am wondering if there is a way to make sure that ASP.NET application can only be started using the HTTPS protocol

I am fine with any code (perhaps defensive programming?) That can do the trick or maybe some IIS / web server settings that can do the job.

+5

Joseph May 27, '09 at 17:43

3 answers

SSL IIS , 403.4

" "

, Request.IsSecureConnection, SSL.

+2

+1

slolife 27 '09 17:57

Randolpho · Accepted Answer · 2009-05-27T17:45:41+0000

IIS will definitely allow you to require HTTPS. See below for instructions .

Edit: I had to dig around , but there is also Request.IsSecureConnection for defensive programming.