How can i enforce my ASP.NET MVC web application to use https only?
if (!Request.IsLocal && !Request.IsSecureConnection)
string redirectUrl = Request.Url.ToString().Replace("http:", "https:");
Note: This answer assumes an MVC context within a Controller where HttpContext is a property holding the current context. If you’re unlucky enough to still be using WebForms or are referencing the context in a degenerate way you will need to use HttpContext.Current.ApplicationInstance.CompleteRequest().
I’d do a
!Request.IsLocal as well to make sure that I’m not debugging, though if you’re using a real instance of IIS with a cert applied when debugging that shouldn’t be an issue.