Migrating ASP.net site to an EC2 in AWS on Microsoft IIS service

Question

Client has migrated an ASP.net based website to AWS on EC@ running on IIS.  We are testing before final migration and the client currently has all bindings set to port 80 however when we launch the site by one of the established URLs, a redirect to HTTPs occurs and then fails as it is not listening on 443.  This behavior occurs if anything other than "localhost is used"

WE have inspected the IIS settings and there does not appear to be any redirects in IIS or statements in webconfig files causing this.  Not very familiar with all areas of an ASP.net site but have inspected some areas based on research and cannot find anything as of yet causing the redirect.

The client will in the end be hoping to offload the SSL at an ALB or Cloudfront so the solution would maintain the sites listening on port 80 in IIS

Any thoughts on what might be causing this or approach to narrow in on the root cause would be appreciated!

re:Post Agent · Answer

This issue you're experiencing with the ASP.NET site redirecting to HTTPS despite being configured to listen on port 80 could be caused by several factors. Here are some approaches to help identify and resolve the problem:

1. Check for URL Rewrite rules: Even if you don't see explicit redirects in IIS settings, there might be URL Rewrite rules in place. Look for a web.config file in the root directory or subdirectories of your application that might contain these rules.

2. Inspect application code: The redirect could be happening within the ASP.NET application code itself. Look for any middleware or filters that might be forcing HTTPS.

3. Examine global.asax: Check the global.asax file for any application-level event handlers that might be initiating a redirect.

4. Review web.config: Double-check the web.config file for any configuration settings that might be enforcing HTTPS, such as the "requireSSL" attribute on forms authentication.

5. Check for security headers: Look for any security headers being set by the application that might be forcing HTTPS, such as Strict-Transport-Security (HSTS).

6. Investigate third-party modules: If your application uses any third-party modules or components, they might be configured to enforce HTTPS.

7. Use network monitoring tools: Utilize tools like Fiddler or browser developer tools to capture and analyze the HTTP traffic. This can help you see exactly where and when the redirect is occurring.

8. Test with a bare-bones application: Create a simple "Hello World" ASP.NET application and deploy it to the same IIS server. If this doesn't redirect, it suggests the issue is within your application rather than the IIS configuration.

9. Check for load balancer settings: If there's already a load balancer in front of your EC2 instance, verify its settings to ensure it's not initiating the HTTPS redirect.

10. Temporary workaround: As a temporary measure to aid in testing, you could try adding a binding for port 443 in IIS, even without a valid SSL certificate. This might allow you to access the site while you continue to investigate the root cause.

Remember, once you identify and resolve the cause of the redirect, you'll be able to maintain the site listening on port 80 in IIS, which aligns with your plan to offload SSL at the ALB or CloudFront level in the future.

If these steps don't lead you to the source of the problem, you might need to engage in more detailed application-level debugging or consider reaching out to AWS support for further assistance.  
**Sources**  
[Issue with File Downloads via HTTPS on Application Behind Application Load Balancer | AWS re:Post](https://repost.aws/questions/QUPQBt3m5zQLyrhm-ZqLF42Q/issue-with-file-downloads-via-https-on-application-behind-application-load-balancer)  
[Package an IIS-based application - AWS End-of-Support Migration Program (EMP) for Windows Server](https://docs.aws.amazon.com/emp/latest/userguide/emp-iis-packaging.html)

Migrating ASP.net site to an EC2 in AWS on Microsoft IIS service

Relevant content