Re: force https

["Greg Stiavetti" <gstiavetti () rentoneonline com>]

Open the "Web Site" properties of the site in question, to the right of the 
IP Address filed , click the "Advanced" button, Select "Default" in the top 
section "Multiple idnetities for this Web Site" and click the "Remove" 
button.

This removes the binding for port 80 from the site, leaving only SSL on 443.

Greg Stiavetti
Network Administrator

office ~ 831.438.3141 ext. 213
e-mail ~ gstiavetti () RentOneOnline com

Rent One Online: The Fastest Growing 100% Web-based Vacation Rental 
Management Software


----- Original Message ----- 
From: "Leon" <roastin () yahoo com>
To: <security-basics () securityfocus com>
Sent: Thursday, July 07, 2005 7:17 AM
Subject: force https


> Hello,
>
> I have a web-based frontend for an application that
> users will be accessing.  It can use http or https.  I
> would like to allow only https.  This is a more
> relaxed company so it will be harder to enforce a
> management policy (as in dont do this do this) so I
> would like to enforce this through the use of
> techonlogy.  I know i could set a router acl to permit
> only https to the server but this seems kind of like a
> kludge (first off it wont prevent people on the same
> subnet from doing what they want).  How can I
> configure IIS to only except https connections?
>
> Thx,
>
> Leon
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com