Ensuring https on IIS webpages
Steven Espinoza
espinoza at CSUSM.EDU
Mon Jun 3 20:29:50 EDT 2013
Hi all,
New to the list...and new to my topic: ensuring https on web forms.
We recently added Illiad Institutional Lending which has its set of pages for login, registration and request forms.
I want to ensure https is used (in those rare occasions that someone types in the url using http:) but I am not sure of best practices.
In IIS 6, I found in Properties that Directory Security could be set to "Require secure channel (SSL)". I have activated it on the Lending folder and it seems to work well.
Any http:// prefixed url to a page within this folder returns a 403.4 error page and indicates that the page must be viewed over a secure channel. It includes the suggestion to try "https://".
As mentioned, it seems to work well, but I just don't know if I have done the best thing, or misused this security setting? Is there a better or best practices way?
Thanks in advance.
Steven R. Espinoza
California State University San Marcos
Kellogg Library - Systems
San Marcos, CA 92096
e: espinoza at csusm.edu<mailto:espinoza at csusm.edu>
w: 760-750-4361
c: 760-801-5537
============================
To unsubscribe: http://bit.ly/web4lib
Web4Lib Web Site: http://web4lib.org/
2013-06-03
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listserv.nd.edu/pipermail/web4lib/attachments/20130604/e93ae648/attachment.htm>
More information about the Web4lib
mailing list