|
Home > Archive > IIS Server Security > October 2006 > SSL entire web site
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
SSL entire web site
|
|
|
| We will be launching a new WWW site in the next few weeks, and for internal
reasons (reasons I can't go into here), the new web site will need to be
entirely https. I'm trying to determine what issues, if any, there will be
when doing this.
The new site is entirely different, so we expect issues anyway with people
finding things via search engines. Of course, bookmarks would have been an
issue anyway since the site is entirely different.
I can see one issue is that if someone types in http://www..., but we can
redirect them to the https site.
So what issues can I expect if our entire site is https?
Thanks!
Doug
| |
| Bernard Cheah [MVP] 2006-09-29, 1:43 am |
| issue? not much....
things to consider is this will increase resouse usage for cpu/ram/etc as
know iis needs to https first
also if you have non https url? you might get prompt saying 'the page
content secure / nonsecure url' etc warning.
--
Regards,
Bernard Cheah
http://www.iis.net/
http://www.iis-resources.com/
http://msmvps.com/blogs/bernard/
"Doug" <dgeiste@REMOVEsnet.net> wrote in message
news:EPzSg.9171$6S3.332@newssvr25.news.prodigy.net...
> We will be launching a new WWW site in the next few weeks, and for
> internal reasons (reasons I can't go into here), the new web site will
> need to be entirely https. I'm trying to determine what issues, if any,
> there will be when doing this.
>
> The new site is entirely different, so we expect issues anyway with people
> finding things via search engines. Of course, bookmarks would have been an
> issue anyway since the site is entirely different.
>
> I can see one issue is that if someone types in http://www..., but we can
> redirect them to the https site.
>
> So what issues can I expect if our entire site is https?
>
> Thanks!
> Doug
>
>
>
| |
|
| Thanks Bernard. I didn't think abut the RAM/CPU usage.
The issue of getting the https error message is problem. If the end user
types in www.domainname.com/somepage.html, they'll get the https error.
Because we also do radio ads to content on our site, it would also mean the
that the annoucer would have to say, "https://...", which no one will get
because they're not used to typing, having to type it in,... or hearing
https.
So based on this, I've convinced those that securing individual pages makes
a lot more sense than the entire site.
Thanks for the response. Much appreciated!
Doug
"Bernard Cheah [MVP]" <qbernard@hotmail.com.discuss> wrote in message
news:uEPCys34GHA.2144@TK2MSFTNGP04.phx.gbl...
> issue? not much....
> things to consider is this will increase resouse usage for cpu/ram/etc as
> know iis needs to https first
> also if you have non https url? you might get prompt saying 'the page
> content secure / nonsecure url' etc warning.
>
>
> --
> Regards,
> Bernard Cheah
> http://www.iis.net/
> http://www.iis-resources.com/
> http://msmvps.com/blogs/bernard/
>
>
> "Doug" <dgeiste@REMOVEsnet.net> wrote in message
> news:EPzSg.9171$6S3.332@newssvr25.news.prodigy.net...
>
>
| |
| Bernard Cheah [MVP] 2006-10-01, 7:33 am |
| You can always force user and redirect to https pages...
for example.
HOW TO: Use ASP to Force SSL for Specific Pages
http://support.microsoft.com/?id=239875
--
Regards,
Bernard Cheah
http://www.iis.net/
http://www.iis-resources.com/
http://msmvps.com/blogs/bernard/
"Doug" <dgeiste@REMOVEsnet.net> wrote in message
news:fJaTg.5879$TV3.5644@newssvr21.news.prodigy.com...
> Thanks Bernard. I didn't think abut the RAM/CPU usage.
>
> The issue of getting the https error message is problem. If the end user
> types in www.domainname.com/somepage.html, they'll get the https error.
> Because we also do radio ads to content on our site, it would also mean
> the that the annoucer would have to say, "https://...", which no one will
> get because they're not used to typing, having to type it in,... or
> hearing https.
>
> So based on this, I've convinced those that securing individual pages
> makes a lot more sense than the entire site.
>
> Thanks for the response. Much appreciated!
>
> Doug
>
>
> "Bernard Cheah [MVP]" <qbernard@hotmail.com.discuss> wrote in message
> news:uEPCys34GHA.2144@TK2MSFTNGP04.phx.gbl...
>
>
| |
|
|
|
|
|