Solved

Hosting website with ssl and non-ssl content

Posted on 2011-03-02
6
429 Views
Last Modified: 2012-05-11
I've today finally managed to setup a ssl certificate on my test server (xp pro / iis5.1) so website / application is accessible only via https which is great.
However, I'd ideally like a landing page which requires no security with a link to the 'secure area'. At the moment, a normal http request gives the error 'must be viewed over a secure channel' which is as expected. Basically, I'm envisaging a normal website residing on a server, with a secure login page available to use an internal application.
I'm unsure how to achieve my goal or whether it's possible on xp. Any help appreciated, thanks.
0
Comment
Question by:nigelr99
  • 5
6 Comments
 

Accepted Solution

by:
nigelr99 earned 0 total points
ID: 35021561
OK.. I've found a solution but would like some comments from someone who has experience in this area. Is this a legitimate way to solve the problem? Basically, I'm preventing any necessary pages to be opened without ssl by redirecting to https if port 80 detected.

At the start of every page I want to be secure, I've added the code shown http://support.microsoft.com/kb/239875

Thanks
<%
   If Request.ServerVariables("SERVER_PORT")=80 Then
      Dim strSecureURL
      strSecureURL = "https://"
      strSecureURL = strSecureURL & Request.ServerVariables("SERVER_NAME")
      strSecureURL = strSecureURL & Request.ServerVariables("URL")
      Response.Redirect strSecureURL
   End If
%>

Open in new window

0
 

Author Comment

by:nigelr99
ID: 35022260
(Didn't explain that very well.. I've unchecked the ssl requirement on the overall website to allow a normal http landing page but then forced https on all secure pages with the shown ms code.)
0
 
LVL 15

Expert Comment

by:pcsmitpra
ID: 35025861
You can try this: Go to your IIS 5.1 , Locate the website , keep SSL for whole site , then go to default page , right click properties  , Fiel Security , Secure communication Edit , Uncheck the Require SSL for this page and other SSL secure options.

Try to browse the page on http port 80 .  Rest all pages you can keep working without SSL code, so overhead will be escaped.

Hope this will help.
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 

Author Comment

by:nigelr99
ID: 35062463
Thanks - I'll try that asap (sorry for slow response, working on different projects on different days.)
0
 

Author Comment

by:nigelr99
ID: 35087213
I specifed SSL for the whole site and then un-checked for my index.htm page but I get the error 'SSL required for this site' (or words to that effect). I've decided the overhead of my original code is not substantial as it only re-directs to https if a user specifically requests a page on http which 'should' never happen as they come through the login page in the first place.
0
 

Author Closing Comment

by:nigelr99
ID: 35221258
This seems the best solution - it works and unless somebody maliciously attempts to access the secure pages using http deliberately, there should be little or no overhead.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lync server 2013 or Skype for business Backup Service Error ID 4049 – After File Share Migration
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question