This article shows you how to force visitors to use https when visiting your website.
Edit the web.config file in the root folder of your website and add the following code to the <system.webServer> node.
<httpRedirect enabled="false" destination="" exactDestination="false" />
<rewrite>
<rules>
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther" />
</rule>
</rules>
</rewrite>