I have changed my ASP.NET from version 4.0 to 4.6.1 in Visual Studio 2017. Also in Visual Studio 2017, I have enabled SSL through my project's Properties panel.
I have noticed, however, that in my project's Web.config file, it says:
Its in the docs:
true if SSL is required to return the forms-authentication cookie to the server; otherwise, false. The default is false.
If you need to change this depends on what exactly you are doing. But if you start testing than you should find out if this settings need to be changed.
The project is part of Microsoft's Membership Identity and will need to take https and not http, but no important personal details, such as bank details, are required in any form transactions.
Basically, users register, and a link is sent to their email for email confirmation. The user's details are stored in a SQL database and their password hashed.
The site will allow for students to upload their work to their university lecturer. No money at all is involved.
So, if my understanding is correct, I should opt for 'enabled'?
