As the title sounds, here I’m going to discuss a very simple feature of IIS7 which has one additional step to keep in mind compared to that you do in the previous versions of IIS (5, 5.1, 6). Let’s take an example of configuring a redirect for a page to HTTPS if it is browsed on HTTP. There are a lot of ways doing this HTTP to HTTPS redirection, where using custom error pages is one of them.

If you force HTTPS to be used in your website, error 403.4 would be returned to the browser. By default detailed error message (403.4) won’t be sent to the browser, but just 403. However, you can enable detailed error messages. Now, we need to configure our error page so that it redirects the requests to HTTPS. You can do it by following this KB article which was written for IIS 5, and 6, but holds good for IIS 7.0 as well.

Just adding an entry would enable this rule functioning, but if you try to test from your local server itself which most of the people would do after configuring this, you would see it doesn’t redirect you to the URL mentioned, and it gives you the same 403.4 error page.

That’s because of IIS 7.0 by default doesn’t send the custom error pages to a local request, but the detailed errors. So, you need to configure IIS to do a custom error message even if it is browsed from the server. But, you can ignore following below if you doesn’t care if the site redirects from the server (which is true for any customer facing website). Click on “Edit Feature Settings, and then choose “Custom error pages”, and click on OK.

image   

image

So, take away from this post is “don’t try to test the custom error pages from the server itself after configuring it, since they are by default disabled for any local request”.

.rm