Security Basics mailing list archives

RE: force https

From: "Mike Tierney" <miket () marketview co nz>
Date: Tue, 12 Jul 2005 09:57:24 +1200

You could always just make the http page redirect to the https page?

Or am I missing something? <---- not web expert

Cheers
Mike

-----Original Message-----
From: Leon [mailto:roastin () yahoo com] 
Sent: Friday, 8 July 2005 2:18 a.m.
To: security-basics () securityfocus com
Subject: force https

Hello,

I have a web-based frontend for an application that users 
will be accessing.  It can use http or https.  I would like 
to allow only https.  This is a more relaxed company so it 
will be harder to enforce a management policy (as in dont do 
this do this) so I would like to enforce this through the use 
of techonlogy.  I know i could set a router acl to permit 
only https to the server but this seems kind of like a kludge 
(first off it wont prevent people on the same subnet from 
doing what they want).  How can I configure IIS to only 
except https connections?

Thx,

Leon

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection 
around http://mail.yahoo.com

Current thread:

force https Leon (Jul 11)
- RE: force https Mike Tierney (Jul 12)
  - Re: force https Greg Stiavetti (Jul 13)
- Re: force https Greg Stiavetti (Jul 12)
- Re: force https security (Jul 12)
- R: force https Blindhorizon (Jul 12)
- RE: force https Mutallip ABLIMIT (Jul 12)
- Re: force https Sean M. Duckett (Jul 12)
- Re: force https Steven Matkoski (Jul 12)
  - Re: force https Micheal Espinola Jr (Jul 13)
- Re: force https Paul Kurczaba (Jul 13)
- RE: force https Keenan Smith (Jul 18)

(Thread continues...)