By default, Azure App Service does not enforce HTTPS. We can enforce HTTPS redirection by configuring the rules in the web.config
file.
In our normal Azure Web Apps URL, add scm
after the name of the Azure web application. It opens a Kudu editor:
Go to Debug console
and navigate to the wwwroot
directory in the Kudu editor.
Create web.config
by executing the touch web.config
command in the console:
Click on the Edit icon of the file and we can add the following content to redirect HTTP to HTTPS:
<?xml version="1.0" encoding="UTF-8"?> <configuration> <system.webServer> <rewrite> <rules> <!-- BEGIN rule TAG FOR HTTPS REDIRECT --> <rule name="Force HTTPS" enabled="true"> <match url="(.*)" ignoreCase="false" /> <conditions> <add input="{HTTPS}" pattern="off" /> </conditions> <action type="Redirect...