Security Basics mailing list archives
Re: force https
From: Steven Matkoski <matkoski () nysernet org>
Date: Tue, 12 Jul 2005 10:04:30 -0400
Hi Leon, why not use a redirect/refresh on the http site and redirect to the https site? then the redirect is transparent to the user. For example: header of the http - index.html page: <meta http-equiv="refresh" content="0; url=https://your.site.com/"> -s. At 10:17 AM 7/7/2005, Leon wrote:
Hello, I have a web-based frontend for an application that users will be accessing. It can use http or https. I would like to allow only https. This is a more relaxed company so it will be harder to enforce a management policy (as in dont do this do this) so I would like to enforce this through the use of techonlogy. I know i could set a router acl to permit only https to the server but this seems kind of like a kludge (first off it wont prevent people on the same subnet from doing what they want). How can I configure IIS to only except https connections? Thx, Leon __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Current thread:
- force https Leon (Jul 11)
- RE: force https Mike Tierney (Jul 12)
- Re: force https Greg Stiavetti (Jul 13)
- Re: force https Greg Stiavetti (Jul 12)
- Re: force https security (Jul 12)
- R: force https Blindhorizon (Jul 12)
- RE: force https Mutallip ABLIMIT (Jul 12)
- Re: force https Sean M. Duckett (Jul 12)
- Re: force https Steven Matkoski (Jul 12)
- Re: force https Micheal Espinola Jr (Jul 13)
- Re: force https Paul Kurczaba (Jul 13)
- RE: force https Keenan Smith (Jul 18)
- Re: force https Greg Stiavetti (Jul 20)
- Re: force https Ivan C (Jul 20)
- <Possible follow-ups>
- RE: force https Depp, Dennis M. (Jul 12)
- RE: force https Kirk Brady (Jul 13)
- RE: force https Mike Tierney (Jul 12)