Security Basics mailing list archives
Re: force https
From: "Sean M. Duckett" <sean () cyberclone net>
Date: Tue, 12 Jul 2005 10:44:37 -0500
Leon wrote:
Hello, would like to allow only https. This is a more relaxed company so it will be harder to enforce a management policy (as in dont do this do this) so I would like to enforce this through the use of techonlogy.
I'm in a similar situation, but my solution is to configure my webserver (Apache2, in my case) to transparently redirect traffic.
From my apache2.conf:
<VirtualHost *:80>
Redirect permanent / https://www.mydomain.com/
</VirtualHost>
I'm not sure how you'd translate that to IIS, but I'm sure you'll find
it if you rtfm.
--smd.
Current thread:
- force https Leon (Jul 11)
- RE: force https Mike Tierney (Jul 12)
- Re: force https Greg Stiavetti (Jul 13)
- Re: force https Greg Stiavetti (Jul 12)
- Re: force https security (Jul 12)
- R: force https Blindhorizon (Jul 12)
- RE: force https Mutallip ABLIMIT (Jul 12)
- Re: force https Sean M. Duckett (Jul 12)
- Re: force https Steven Matkoski (Jul 12)
- Re: force https Micheal Espinola Jr (Jul 13)
- Re: force https Paul Kurczaba (Jul 13)
- RE: force https Keenan Smith (Jul 18)
- Re: force https Greg Stiavetti (Jul 20)
- Re: force https Ivan C (Jul 20)
- <Possible follow-ups>
- RE: force https Depp, Dennis M. (Jul 12)
- RE: force https Kirk Brady (Jul 13)
- RE: force https Mike Tierney (Jul 12)