Force HTTPS redirection

更新时间:
复制 MD 格式

Force HTTP requests sent to Edge Security Acceleration (ESA) POPs to redirect to HTTPS.

When to use

Always Use HTTPS improves site security and protects user data by redirecting HTTP requests to HTTPS. When an ESA POP receives an HTTP request, it returns a 301 redirect to the HTTPS equivalent.

image

Before you begin

  • Before you enable this feature, configure an SSL/TLS certificate for your site as described in Configure edge certificates. For more information, see Configure edge certificates.

  • After you enable Always Use HTTPS, browsers may show a Mixed Content warning if your application still loads HTTP resources.

Enable Always Use HTTPS

  1. In the ESA console, go to Websites. In the Website column, click your target site.

  2. In the navigation pane on the left, choose Edge Certificates.

  3. Enable Always Use HTTPS.

    image

Site-level vs. rule-based configuration

The site-level setting applies to all requests for the site. To target specific requests, use the rule-based feature instead. You can define rules with conditions that detect specific parameters in client requests, giving you precise control over which requests the rule affects. The rule-based equivalent is HTTPS rules.