469,648 Members | 1,331 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,648 developers. It's quick & easy.

Enforcing SSL to be used

Hopefully, this isn't too dumb of a question. I have a asp.net (2) app
running on a dedicated Windows 2003 server. My host provider who manages
the machine purchased and "installed" the SSL certificate and took care of
all of the details (no experience on my part) to enabled SSL on our app. We
can now browse the site using HTTPS. The little lock in IE appears and it
seems to be encrypted.

How can I prevent any of the app/site being viewed or browsed outside of
SSL? I can browse around the site and all seems fine. But if I remove the
"s" from the https in the URL, the site continues to work normally. This is
what I want to prevent. Is there some way in IIS6 to redirect all non-SSL
requests to the log in (default) page of the app in https?

Does this make sense?

(This server is running 2 sites and I'm using IIS to detect the host header
value and direct to the proper folder for the pages.)
Aug 23 '06 #1
1 984
"Groove" <no***@noemail.comwrote in message
news:Os**************@TK2MSFTNGP05.phx.gbl...
How can I prevent any of the app/site being viewed or browsed outside of
SSL?
http://www.thecodeproject.com/aspnet...select=1462654
Aug 23 '06 #2

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

reply views Thread by Steven Hilton | last post: by
3 posts views Thread by Xamle Eng | last post: by
2 posts views Thread by Frosty | last post: by
1 post views Thread by David Johnson | last post: by
2 posts views Thread by Jeff Stewart | last post: by
10 posts views Thread by ddtbhai | last post: by
20 posts views Thread by Chris | last post: by
2 posts views Thread by phillipwei | last post: by
reply views Thread by gheharukoh7 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.