Force visitors to https

We often see following error message when we visit secure sites.

“The page you are trying to access is secured with Secure Sockets Layer (SSL)”

IIS6 or later versions has more than 50 error codes that you can play with to customize the error page; so that your web visitors doesn’t see the system default  error message appearing to their web-browser.

Following few lines code (webserver error code 403) force visitors to navigate to https:// site when url type with http:// or just a domain name.

——–Edit 403-4.htm—-

Default Path: C:\WINDOWS\help\iisHelp\common
Filename: 403-4.htm

— Place these 3-lines of Java Script code on top of 403-3.htm file—

<script language=”javascript”>




Mouse right click on target site on IIS and go to properties – then Custom Errors tab.

Please Note Following changes are global to IIS (not site specific). Please remember to remove these changes if current secure site is no longer needed or removed from IIS else subsequent new site will forward to your retired site.

Note: IIS forwarding will not work between http and https header with same domain name.


About Robiul

Robiul has 15 years of continuous successful career experience in ICT with extensive background in System Engineering, IT infrastructure design, operations and service delivery, managing IT projects / MIS functions for local and multi-national companies with in-depth knowledge of multiple operating systems as well as construct / manage small to medium size Data Center. Proven ability to design and implement medium to semi-large scale LAN/WAN/WLAN and system infrastructures. Academic qualification: Master of Science in Information Systems. Professional certifications are: MCSE, CCNA, ITIL and FoundStone Security Professional, VCP, NetAPP, CISSP etc.
This entry was posted in Windows and tagged . Bookmark the permalink.