'I want some users to continue using HTTP while others should use HTTPS
I have recently switched my website from HTTP to HTTPS. For some external users, they do not have enough permissions to access via HTTPS and they still need to access via HTTP.
I want to keep both HTTP and HTTPS, but HTTP only for a specific group of users. How to make this change in IIS 8?
Any ideas, please suggest.
Solution 1:[1]
You can try the following steps:
Step1: configure https.
- Set IIS to work with HTTPS (http://learn.iis.net/page.aspx/144/how-to-set-up-ssl-on-iis-7/ )
- Test HTTPS locally to make sure that it works.
- In your firewall (to Internet), configure it so that it allows port 443 (https) to your IIS server.
This will allow ALL people to access your website using https, since we have not configured any restrictions.
Steps2: configure http.
- Install WindowsAuthenticationModule if it is not already installed
- In IIS Manager, click the website.
- Double click Authentication in the middle pane
- Select Windows Authentication and enable it
- Select Anonymous Authentication and disable it.
Since the users on your local network is authenticated to AD, and the website is in their local zone, they should automatically authenticate and should not see the login box. People outside your network are not authenticated, hence should need to logon to access the website.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | samwu |