IIS - Microsoft Internet Information Services

HomeForumsIIS 5.x & 6.0SecuritySecuring sites - classic asp - .Net 1.1, .Net 2.0, and .Net 3+

« Previous Next »

Thread: Securing sites - classic asp - .Net 1.1, .Net 2.0, and .Net 3+

Last post 10-14-2008 9:37 PM by naziml. 3 replies.

Average Rating Rate It (5)

RSS

Page 1 of 1 (4 items)

Sort Posts:

  • 10-13-2008, 2:54 PM

    Securing sites - classic asp - .Net 1.1, .Net 2.0, and .Net 3+

    Reply Contact

    It as been the recent task of our team to come up with both short and long term solutions to the concern of SSL security on our sites.

    The first solution off the top of the head is to do 1 of the following 2.  Either take the pain and time consuming option of coding each individual website to rediret to https to use ssl.  The second approach would be to have IIS force a redirect to the https and www paths.

    The catch is what would be the best approach.  I am thinking of a quick and easy temporary solution first.  Then a long term solution.  But the long term solution has a catch.  In the next few months (early - Mid 2009) we are moving to Server 2008 with IIS7 and that may negate the changes necessary in IIS6.

    Any and all suggestions are appreciated on this matter.  If you have any suggestions regarding the best way to add SSL to existing sites please let me know.  I would like to try and avoid a manual reprogramming of that many websites.  Thank you

    MBG
    Tags:

  • 10-14-2008, 7:07 AM In reply to

    Re: Securing sites - classic asp - .Net 1.1, .Net 2.0, and .Net 3+

    Reply Contact

    mybestguess:
    If you have any suggestions regarding the best way to add SSL to existing sites please let me know. 

    Install the certificate and check the Require Secure Connections box.

    Jeff

    Look for Wrox's new book Professional IIS 7 in your local bookstore, or order now at Amazon.com

  • 10-14-2008, 1:20 PM In reply to

    Re: Securing sites - classic asp - .Net 1.1, .Net 2.0, and .Net 3+

    Reply Contact

    Thank you. I know about the certificates but I didn't know if there was an easier solution.  We have 7 certificates for 7 domains and on 3 of those domains, there are 20+ sites that need to have SSL enabled.

     The only problem I saw with that is there will be a lot of custom code entered to handle redirects to https and I didn't know if there was an easier way to handle the redirect instead of custom coding each of the 75+ sites?

  • 10-14-2008, 9:37 PM In reply to

    • naziml
    • Top 150 Contributor
    • Joined on 03-10-2008, 6:25 PM
    • Posts 41

    Re: Securing sites - classic asp - .Net 1.1, .Net 2.0, and .Net 3+

    Reply Contact

    You can use IIS config to redirect instead of the application doing it. Here's how you set this up for IIS6: http://technet.microsoft.com/en-us/library/cc736641.aspx
Page 1 of 1 (4 items)

Powered by IIS7   Powered by ASP.NET 2.0

Copyright © 2009 Microsoft Corporation. All Rights Reserved. | Terms of Use | Privacy Statement | About our Team
Questions/Problems with www.iis.net? | Interested in Advertising with us? | Ads served by BanManPro