Reputation: 1479
Force HTTPS on Appharbor
Related questions: here - here
I have an ASP.NET application deployed on appharbor. Manually navigating to its https:// url works fine, but I would like to ONLY use HTTPS. That is, redirect to HTTPS if I receive an HTTP request.
There are 2 ways of achieving this, that I'm aware of: (1) using web.config , which does not work due to the X-Forwarded-Proto header being stripped by the load-balancer on appharbor (?) or (2) making a custom httpattribute as shown here
Unfortunately, neither of these approaches work well for me - Both are giving me a redirect loop :(. All the answers I can find are fairly old, has anything changed on appharbor/asp.net that I should be aware of?
Thanks in advance.
Upvotes: 0
Views: 271
Answers (1)
Reputation: 871
Are you using MVC in your application? The attribute was intended for it.
If it's just regular ASP.NET you could use HTTP Modules or Global.asax to achieve the same effect.
The RequireHttpsAttribute by Rune should work. I use ServiceStack on AppHarbor, but based the attribute I use for that from Rune's code. It's still in use today.
AppHb's load-balancer will set the X-Forwarded-Proto header to match the incoming protocol scheme (http or https), as traffic from the load balancer is forwarded on to your application's IIS instance as HTTP (and therefore the original scheme is lost).
Upvotes: 2
Related Questions
- How to use HTTPS in an ASP.Net Application
- https on default ASP.NET MVC
- How to force HTTPS on asp.net MVC VNext?
- How do I make my ASP.NET application serve pages only over HTTPS?
- AppHarbor's Reverse Proxy causing issues with SSL and app.UseOAuthBearerTokens ASP.NET MVC 5
- Redirect away from HTTPS with ASP.NET MVC App
- Error on AppHarbor The requested resource can only be accessed via SSL
- How to configure SSL on AppHarbor with ServiceStack.net web services
- Appharbor JustOneDB https request from C# getting 400 errors
- Why does AppHarbor + RequireHttpsAttribute equal frowny-face :(