Security Basics mailing list archives

RE: force https

From: "Depp, Dennis M." <deppdm () ornl gov>
Date: Tue, 12 Jul 2005 07:37:50 -0400

Leon,

Take a look at
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/I
IS/a242bd31-eff3-4e42-800a-d5d3d1d00283.mspx

Also look at
http://support.microsoft.com/default.aspx?scid=kb;en-us;313074.  You can
setup a site listening on Port 80 that will redirect everything to you
https site.

Dennis 

-----Original Message-----
From: Leon [mailto:roastin () yahoo com] 
Sent: Thursday, July 07, 2005 10:18 AM
To: security-basics () securityfocus com
Subject: force https

Hello,

I have a web-based frontend for an application that
users will be accessing.  It can use http or https.  I
would like to allow only https.  This is a more
relaxed company so it will be harder to enforce a
management policy (as in dont do this do this) so I
would like to enforce this through the use of
techonlogy.  I know i could set a router acl to permit
only https to the server but this seems kind of like a
kludge (first off it wont prevent people on the same
subnet from doing what they want).  How can I
configure IIS to only except https connections?

Thx,

Leon

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

Current thread:

Re: force https, (continued)
- Re: force https security (Jul 12)
- R: force https Blindhorizon (Jul 12)
- RE: force https Mutallip ABLIMIT (Jul 12)
- Re: force https Sean M. Duckett (Jul 12)
- Re: force https Steven Matkoski (Jul 12)
  - Re: force https Micheal Espinola Jr (Jul 13)
- Re: force https Paul Kurczaba (Jul 13)
- RE: force https Keenan Smith (Jul 18)
  - Re: force https Greg Stiavetti (Jul 20)
  - Re: force https Ivan C (Jul 20)
- RE: force https Depp, Dennis M. (Jul 12)
- RE: force https Kirk Brady (Jul 13)