There're 4 website URL variations:
http://domain.com (naked domain)
http://www.domain.com
https://domain.com
https://www.domain.com
Ideally, when user access any of these URLs, the requests should be redirect to https://www.domain.com.
This can be split to 2 tasks: Redirect to https and Redirect to www.domain.com. Let's resolve it step by step.
1. Redirect to https
Make 2 change in Startup.cs file:
1) Add redirect to Configure method
app.UseHttpsRedirection();
2) Add https port number to ConfigureServices method
services.AddHttpsRedirection(options =>
{
options.HttpsPort = 443;
});
2. Redirect to www.domain.com
1) Open URL Rewrite in IIS Manager
![]()
If you don't have URL Rewrite, please download and install from here,
2) Add Canonical domain name
Click "Add Rules", then click "Add Canonical domain name".
![]()
3) Save the rule
Enter www.domain.com, click Save. The change will be save to web.config file. You may want to save the change to your server environment.
![]()
3. Verify the setting
If you accessed https://domain.com in the past, the SSL certificate will be cached in the browser. So even the https redirect isn't set properly, you won't be able to see the issue unless clear the browser cache first. A better way to test is using Chrome incognito mode, or private mode.
![]()
