Connection attempts over HTTP are silently redirected to HTTPS, except for connection attempts to View Administrator. HTTP redirection is not needed with more recent View clients because they default to HTTPS, but it is useful when your users connect with a Web browser, for example to download View Client.

The problem with HTTP redirection is that it is a non-secure protocol. If a user does not form the habit of entering https:// in the address bar, an attacker can compromise the Web browser, install malware, or steal credentials, even when the expected page is correctly displayed.

Note

HTTP redirection for external connections can take place only if you configure your external firewall to allow inbound traffic to TCP port 80.

Connection attempts over HTTP to View Administrator are not redirected. Instead, an error message is returned indicating that you must use HTTPS.

To prevent redirection for all HTTP connection attempts, see Prevent HTTP Redirection for Client Connections.

Connections to port 80 of a View Connection Server instance or security server can also take place if you off-load SSL client connections to an intermediate device. See "Off-load SSL Connections to Intermediate Servers" in the VMware Horizon View Administration document.

To change the SSL port number, see "Replacing Default Ports for View Services" in the VMware Horizon View Installation document.

To allow HTTP redirection when the SSL port number was changed, see Change the Port Number for HTTP Redirection.