Hi, We are looking at a way to secure the webtop on our sites with SSL and was wondering what the best way was to achieve this. We only want to secure the webtop, not the frontend of the sites. We are using IIS7.5 We have looked at using rules to force requests to the webtop to the https binding but this creates another problem. If a content editor previews a page and navigates around the site it’s all on https. If they then copy/paste a link into FarCry there is a chance of them pasting a complete link including https. While they shouldn’t be pasting full links it is a possibility and I would like a solution that avoids this from happening. One idea was to have all requests to webtop rewritten to https and then a second rule that had any requests NOT going to webtop rewritten to http. While I think this would work it seems a bit messy. Has anyone got a better way to use SSL only for the webtop? While on this topic, I’ve been thinking that we need to protect the entire webtop but is that offering any real benefits over just projecting login.cfm with SSL (e.g. doing something similar to this post **<https://groups.google.com/forum/?fromgroups#!searchin/farcry-dev/SSL/farcry-dev/12hdzk_qunc/hTmGUDX2cDIJ> * https://groups.google.com/forum/?fromgroups#!searchin/farcry-dev/SSL/farcry-dev/12hdzk_qunc/hTmGUDX2cDIJ<https://groups.google.com/forum/?fromgroups#!searchin/farcry-dev/SSL/farcry-dev/12hdzk_qunc/hTmGUDX2cDIJ)><https://groups.google.com/forum/?fromgroups#!searchin/farcry-dev/SSL/farcry-dev/12hdzk_qunc/hTmGUDX2cDIJ)> *<https://groups.google.com/forum/?fromgroups#!searchin/farcry-dev/SSL/farcry-dev/12hdzk_qunc/hTmGUDX2cDIJ)> ) Cheers Mark
-- You received this message cos you are subscribed to "farcry-dev" Google group. To post, email: [email protected] To unsubscribe, email: [email protected] For more options: http://groups.google.com/group/farcry-dev -------------------------------- Follow us on Twitter: http://twitter.com/farcry --- You received this message because you are subscribed to the Google Groups "farcry-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
