DiscountASP "says" they can turn-on HTTPS for an entire website,butdoing so,does not actually force HTTPS use.Instead, whenDiscountASP"turns on HTTPS" itsimplyTHROWSERRORS if a websurfer attempts to uses HTTP rather than HTTPS. That's NOT what I need. I don't want errors ...I want automatic ... behind-the-scenes ... redirection. I want all HTTP request traffic automatically redirected to HTTPS.The onlymethods I've found involve hard coding full URL paths into each of my webpages and forcing a redirect from inside each and every web page ... quite tedious and not verymaintainable. I would think "some" technique does exist, but I can't finda techniquethat "plays-nicely" withDiscountASP current architecture. Has anyone worked out a dependable way to accomplish "painless" redirection to HTTPS for an entire website on DiscountASP? Thanks Frederick
I don't know about painless, but you can definitely create your own http module that will intercept incoming requests and redirect accordingly. This is easier to implement in IIS7. http://blogs.msdn.com/sukeshak/archive/2007/09/05/redirecting-from-http-to-https-in-iis7-http2https-updated.aspx Aristotle DiscountASP.NET www.DiscountASP.NET
Question #1: Does DiscountASP.net allow HTTP modules? Question #2: Since my website is currently on IIS6, should I ask DiscountASPto move it to IIS7?
Yes. DiscountASP allows customHTTPmodules to be loaded. You can make a similar type of HTTP module to run with IIS6, but you'll have to request the DiscountASP admins to configure a wildcard mapping to ASP.NET for you first. Aristotle DiscountASP.NET www.DiscountASP.NET
I have a module running on my site from the CodeProject. It's pretty painless and easy to impliment. You just make a couple changes to the webconfig and you're off. Here's the link: http://www.codeproject.com/KB/web-security/WebPageSecurity_v2.aspx Good luck! -Ken