Re: force https

From: Greg Stiavetti (gstiavetti_at_rentoneonline.com)
Date: 07/19/05

Next message: Vinsik, Steven C: "RE: Biometrics"

Previous message: Florian Rommel: "Re: SSL VPN"
In reply to: Keenan Smith: "RE: force https"
Next in thread: Ivan C: "Re: force https"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Keenan Smith" <kc_smith@clark.net>, "'Leon'" <roastin@yahoo.com>, <security-basics@securityfocus.com>
Date: Mon, 18 Jul 2005 15:31:25 -0700

Here's the real scoop, on the change to IIS6.0, to enforce only https access

http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/8d9f2a8f-cd23-448c-b2c7-f4e87b9e2d2c.mspx

Greg Stiavetti
Network Administrator

office ~ 831.438.3141 ext. 213
e-mail ~ gstiavetti@RentOneOnline.com

Rent One Online: The Fastest Growing 100% Web-based Vacation Rental
Management Software

----- Original Message -----
From: "Keenan Smith" <kc_smith@clark.net>
To: "'Leon'" <roastin@yahoo.com>; <security-basics@securityfocus.com>
Sent: Wednesday, July 13, 2005 10:32 AM
Subject: RE: force https

> In the properties for the web site, remove the TCP port number but leave
> the SSL port number. Or shut down port 80 in your fire wall. Or at the
> application level, all requests to http can be redirected to https.
>
> Keenan
>
> -----Original Message-----
> From: Leon [mailto:roastin@yahoo.com]
> Sent: Thursday, July 07, 2005 10:18 AM
> To: security-basics@securityfocus.com
> Subject: force https
>
>
> Hello,
>
> I have a web-based frontend for an application that
> users will be accessing. It can use http or https. I
> would like to allow only https. This is a more
> relaxed company so it will be harder to enforce a
> management policy (as in dont do this do this) so I
> would like to enforce this through the use of
> techonlogy. I know i could set a router acl to permit
> only https to the server but this seems kind of like a
> kludge (first off it wont prevent people on the same
> subnet from doing what they want). How can I
> configure IIS to only except https connections?
>
> Thx,
>
> Leon
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>

Next message: Vinsik, Steven C: "RE: Biometrics"

Previous message: Florian Rommel: "Re: SSL VPN"
In reply to: Keenan Smith: "RE: force https"
Next in thread: Ivan C: "Re: force https"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: firefox issue
... i guess that your yahoo and hotmail setting use https, ... Do You Yahoo!? ... Mail has the best spam protection around ...
(Fedora)
Re: force https
... That requires port 80 be open at the firewall to work. ... It can use http or https. ... >> Do You Yahoo!? ... Mail has the best spam protection ...
(Security-Basics)
Re: force https
... Open the "Web Site" properties of the site in question, ... It can use http or https. ... > Do You Yahoo!? ... Mail has the best spam protection around ...
(Security-Basics)
force https
... It can use http or https. ... relaxed company so it will be harder to enforce a ... Do You Yahoo!? ... Mail has the best spam protection around ...
(Security-Basics)
RE: force https
... In the properties for the web site, remove the TCP port number but leave ... all requests to http can be redirected to https. ... Do You Yahoo!? ... Mail has the best spam protection around ...
(Security-Basics)