Force HTTPS

Re: Force HTTPS

Actually, you can do this with ASP...



"Andrew Durstewitz" <adurstew@devbu ilder.org> wrote in message
news:3f0436dd$0 $198$75868355@n ews.frii.net...[color=blue]
> You need to do this in IIS not ASP. I would ask this question in an IIS
> newsgroup.
>
> -Andrew
>
> * * * Sent via DevBuilder http://www.devbuilder.org * * *
> Developer Resources for High End Developers.[/color]

Re: Force HTTPS

You could add something like this to the top of your pages:

<%

If UCase(Request.S erverVariables( "HTTPS")) = "OFF" Then
'''get page
sRedirect = "https://" & Request.ServerV ariables("SERVE R_NAME") &
Request.ServerV ariables("PATH_ INFO") & "?" & Request.Queryst ring
Response.Redire ct sRedirect
End If

%>

Ray at work

"John McDermidt" <jmcdt73_at_msn .com> wrote in message
news:OY7R9kWQDH A.3768@tk2msftn gp13.phx.gbl...[color=blue]
> Is there a way to use HTTPS only on certain pages? I have two pages that I
> want to use my SSL Cert, but the rest of the files I do not... they are[/color]
all[color=blue]
> in the same folder, and I can not move them.
>
>[/color]

Re: Force HTTPS

Neat. I never knew you could do it with ASP. I just allways did it
with the server configuration.

-Andrew

* * * Sent via DevBuilder http://www.devbuilder.org * * *
Developer Resources for High End Developers.

Re: Force HTTPS

Individual items have a security tab as well. Right click the page inside
the IIS snap in & go to properties. Click the security tab, edit the cert,
and check off the only allow ssl connections. The individual settings
override the global ones.

HTH

DP


"John McDermidt" <jmcdt73_at_msn .com> wrote in message
news:OY7R9kWQDH A.3768@tk2msftn gp13.phx.gbl...[color=blue]
> Is there a way to use HTTPS only on certain pages? I have two pages that I
> want to use my SSL Cert, but the rest of the files I do not... they are[/color]
all[color=blue]
> in the same folder, and I can not move them.
>
>[/color]

Re: Force HTTPS

On Thu, 3 Jul 2003 09:44:34 -0400, "John McDermidt"
<jmcdt73_at_msn .com> wrote:
[color=blue]
>Is there a way to use HTTPS only on certain pages? I have two pages that I
>want to use my SSL Cert, but the rest of the files I do not... they are all
>in the same folder, and I can not move them.[/color]

Yes, set the entire folder to SSL and just use https on the two pages.
Or, just set each page to SSL in the MMC. If you are on a shared
hosting environment have your hosting company do this for you.

John Cesta


-------------------------------------------
ColdFusion Hosting Includes 10 Domains
100% Browser Based Administration
---------------------------------
LogFileManager - The only IIS Logfile Management Tool
DomainReportIt PRO - Helps Convert IIS Installs
http://www.serverautomationtools.com[color=blue]
>[/color]

Re: Force HTTPS

I didn't know you could do it via individual page properties. The method I
use is:

<%
dim myname
dim i

myname = Request.ServerV ariables("SCRIP T_NAME")
i = instr(myname, ">")
if i > 0 then myname = left(myname, i-1)
do while left(myname,1) = "/"
myname = mid(myname, 2)
loop

if ucase(Request.S erverVariables( "HTTPS")) = "OFF" then
response.redire ct https://<siteurl>/ & myname
end if
%>

The <siteurl> is the base of the current page.

By putting this code before any HTML code on the ASP page, the ASP page will
only show with SSL. If the user cancels the certificate or security switch,
the previous page will remain the current page.

Mike Ober.

"Splatter" <me@me.net> wrote in message
news:nKXMa.26$M 44.22799@news.u swest.net...[color=blue]
> Individual items have a security tab as well. Right click the page inside
> the IIS snap in & go to properties. Click the security tab, edit the cert,
> and check off the only allow ssl connections. The individual settings
> override the global ones.
>
> HTH
>
> DP
>
>
> "John McDermidt" <jmcdt73_at_msn .com> wrote in message
> news:OY7R9kWQDH A.3768@tk2msftn gp13.phx.gbl...[color=green]
> > Is there a way to use HTTPS only on certain pages? I have two pages that[/color][/color]
I[color=blue][color=green]
> > want to use my SSL Cert, but the rest of the files I do not... they are[/color]
> all[color=green]
> > in the same folder, and I can not move them.
> >
> >[/color]
>
>[/color]

Re: Force HTTPS


"Michael D. Ober" <obermd-@-alum-mit-edu-nospam> wrote in message
news:b4YMa.13$h O4.34351@news.u swest.net...[color=blue]
> I didn't know you could do it via individual page properties. The method[/color]
I[color=blue]
> use is:
> "Splatter" <me@me.net> wrote in message
> news:nKXMa.26$M 44.22799@news.u swest.net...[color=green]
> > Individual items have a security tab as well. Right click the page[/color][/color]
inside[color=blue][color=green]
> > the IIS snap in & go to properties. Click the security tab, edit the[/color][/color]
cert,[color=blue][color=green]
> > and check off the only allow ssl connections. The individual settings
> > override the global ones[/color][/color]
[color=blue]
>
> By putting this code before any HTML code on the ASP page, the ASP page[/color]
will[color=blue]
> only show with SSL. If the user cancels the certificate or security[/color]
switch,[color=blue]
> the previous page will remain the current page.
>
> Mike Ober.[/color]

Thanks Mike I'll remember that. Yes they do, which is handy with non
WebPages as well. I have a zip file I wanted to host to everyone not just
my users via ssl and I was able to override the sight security on that file
so it can be served anonymously.

DP