Rasolo
Search

Start | Blogs | IT | How to redirect a naked http domain to an ssl protected www

2020-02-08

IT

How to redirect a naked http domain to an ssl protected www

I had just activated the shared hosting plan in Azure in order to try out a custom domain with HTTPS. My hand was forced to use the shared hosting plan since the tier below that allows you to buy a custom domain, but not use HTTPS. This is sneaky in my opinion since a custom domain is pretty useless without HTTPS when all browsers gives a warning and prevents you from entering the site if it lacks a certificate. Anyway.

Azure does not provide you with HTTPS for the naked url (the naked url is the url without www, eg: http://domain.com is naked whereas http://www.domain.com is not). Since users would get a huge warning from browsers and prevent them from entering if they go to my website using the naked url I wanted to redirect from the naked to the "clothed" (www) url. It refused to work.

The solution was to activate ssl on the naked url by using Let's Encrypt. Redirects will only work if the domain has a certificate apparently. I had tried Let's Encrypt for hours before without success until finally discovering that you need the shared or higher hosting plan for Let's Encrypt or any kind of SSL to work. I used the Let's Encrypt site extension https://github.com/sjkp/letsencrypt-siteextension to get it to work. (The letsencrypt-webapp-renewer https://github.com/ohadschn/letsencrypt-webapp-renewer does not work right now 2020-02-09) It worked perfectly the first try and only the naked domain got the Let's Encrypt certificate, the "clothed" domain was left alone and keeps it's Azure certificate.

Below are redirects that works to redirect from both HTTP and HTTPS to www, with the lower rule being for HTTPS. Replace domain.com with your domain.

<rule name="Redirect domain.com to www.domain.com HTTP" patternSyntax="ECMAScript" stopProcessing="true">
  <match url=".*" />
  <conditions>
    <add input="{HTTP_HOST}" pattern="^domain.com$" />
    <add input="{HTTPS}" pattern="off" />
  </conditions>
  <action type="Redirect" url="http://www.domain.com/{R:0}" redirectType="Permanent" appendQueryString="true"/>
</rule>
<rule name="Redirect domain.com to www.domain.com HTTPS" patternSyntax="ECMAScript" stopProcessing="true">
  <match url=".*" />
  <conditions>
    <add input="{HTTP_HOST}" pattern="^domain.com$" />
    <add input="{HTTPS}" pattern="on" />
  </conditions>
  <action type="Redirect" url="https://www.domain.com/{R:0}" redirectType="Permanent" appendQueryString="true"/>
</rule>

 

I will see if I will stick with the shared plan since the estimated cost is almost 50$ a month. If the bill lands there then I don't see it as worth it just to have a custom domain with HTTPS. I would rather stick with .azurewebsites.net then.