In this post we describe how you can redirect requests to www and https by using a Middleware in ASP.NET Core. The reasons to do a 301 redirect is improved SEO and higher website security.
It is better to have only one version of your website in search engines, if you have several versions of your website (http://, http://www., https://, https://www.) you might be penalized for duplicate content.
Hyper Text Transfer Protocol Secure (HTTPS) is a secure version of the Hyper Text Transfer Protocol (HTTP). Https means that all communication between a browser and your server is encrypted, this makes it very difficult for a man in the middle to get information from data sent between a browser and a server.
Why a 301 redirect? A 301 redirect is a permanent redirect from one url to another url, this means that search engines knows that the url that you redirect to is the correct url and that all search ranking score should apply to this url.
Middleware
This middleware is used to do redirects, I use IWebsiteSettingRepository website_settings_repository to store information about if we should do a www redirect and if we should do a https redirect. KeyStringList is a wrapper for a dictionary with strings, this class makes it easier to get values from the dictionary.
/// <summary>
/// This middleware handles redirects
/// </summary>
public class RedirectMiddleware
{
#region Variables
private readonly RequestDelegate next;
#endregion
#region Constructors
/// <summary>
/// Create the middleware
/// </summary>
public RedirectMiddleware(RequestDelegate next)
{
// Set values for instance variables
this.next = next;
} // End of the constructor
#endregion
#region Methods
/// <summary>
/// Invoke the middleware
/// </summary>
public async Task Invoke(HttpContext context, IWebsiteSettingRepository website_settings_repository)
{
// Get the host and the url
string host = context.Request.Host.Host;
string url = host + context.Request.Path;
// Get website settings
KeyStringList settings = website_settings_repository.GetAllFromCache();
string redirect_https = settings.Get("REDIRECT-HTTPS");
string redirect_www = settings.Get("REDIRECT-WWW");
if (host == "mysite.azurewebsites.net")
{
// Call the next delegate/middleware in the pipeline
await next(context);
}
else if (redirect_https.ToLower() == "true" && context.Request.IsHttps == false)
{
UriBuilder uriBuilder = new UriBuilder(url);
uriBuilder.Scheme = "https";
uriBuilder.Host = redirect_www.ToLower() == "true" && host.Contains("www.") == false ? "www." + uriBuilder.Host : uriBuilder.Host;
uriBuilder.Port = 443;
// Redirect to https, 301
context.Response.Redirect(uriBuilder.Uri.AbsoluteUri, true);
}
else if (redirect_www.ToLower() == "true" && host.Contains("www.") == false)
{
// Modify the url
UriBuilder uriBuilder = new UriBuilder(url);
uriBuilder.Host = "www." + uriBuilder.Host;
// Redirect to www, 301
context.Response.Redirect(uriBuilder.Uri.AbsoluteUri, true);
}
else
{
// Call the next delegate/middleware in the pipeline
await next(context);
}
} // End of the Invoke method
#endregion
} // End of the classUse the middleware
Our middleware is added to the Configure method in the StartUp class and this middleware will be used to redirect to www and/or https.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
// Use redirection
app.UseMiddleware<RedirectMiddleware>();
// More code...
} // End of the Configure method