SSL Login only ?

This is a discussion on SSL Login only ? within the Tech Board forums, part of the Community Boards category; I'm creating a site where client login to our intranet/extranet with user and password and the site displays their data. ...

  1. #1
    secrux
    Guest

    SSL Login only ?

    I'm creating a site where client login to our intranet/extranet with user and password and the site displays their data.

    My question is should I make the Whole Site SSL or just the login page ?

    Using IIS 5.x, Win2K

  2. #2
    5|-|1+|-|34|) ober's Avatar
    Join Date
    Aug 2001
    Posts
    4,429
    depends on the level of security needed and how hard it is to make the entire site SSL. If it's not much extra work, I would go ahead and do it. Can't hurt to add extra secuity.
    EntropySink. You know you have to click it.

  3. #3
    UNBANNED OneStiffRod's Avatar
    Join Date
    Jan 2002
    Posts
    669
    SSL for the entire site seems to be a waste, you don't need to ENCRYPT an entire html page, just the sensitive data.

    Just do the forms.

    If you want secure connection - setup a VPN (Virtual Private Network) connection to your intranet/extranet.
    My Avatar says: "Stay in School"

    Rocco is the Boy!
    "SHUT YOUR LIPS..."

  4. #4
    RoD
    RoD is offline
    Redundantly Redundant RoD's Avatar
    Join Date
    Sep 2002
    Location
    Missouri
    Posts
    6,331
    Nothings ever secure, it just depends how close to secure-as-possible that you want to be

  5. #5
    secrux
    Guest
    I've been testing something:

    In IIS there's the default web site and the Administration web site.

    I made a new one called 'New' on port 13 (same as my default web page)

    but how do I browse to that ?

    http://localhost:13 -----> my default web site

    These don't surf there:

    http://localhost:13/New
    http://New:13
    http://New.localhost:13

  6. #6
    UNBANNED OneStiffRod's Avatar
    Join Date
    Jan 2002
    Posts
    669
    setup Host Headers - a host header is like www.yoursite.com or it might be without the www also.

    Under host headers you can redirect to the proper site at the proper non-standard port number.
    My Avatar says: "Stay in School"

    Rocco is the Boy!
    "SHUT YOUR LIPS..."

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. unable to login to facebook
    By zykostar in forum C# Programming
    Replies: 4
    Last Post: 03-30-2010, 02:04 PM
  2. rewrite function for ssl compatibility
    By keeper in forum C++ Programming
    Replies: 1
    Last Post: 06-02-2006, 12:31 PM
  3. Having problems with a login script...
    By Junior89 in forum C++ Programming
    Replies: 6
    Last Post: 01-06-2006, 11:05 AM
  4. SSL and 503 FTP Error :: Socket
    By kuphryn in forum Networking/Device Communication
    Replies: 2
    Last Post: 03-18-2005, 03:15 PM
  5. Script App for SSL VPN Link
    By Hobbes80 in forum C++ Programming
    Replies: 4
    Last Post: 11-09-2004, 12:32 PM

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21