Products

Solutions

Learn More

Partners

Community

Blog

About

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen

HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...Convert DNN http site to https siteConvert DNN http site to https site
Previous
 
Next
New Post
3/22/2017 4:43 PM
 

Hi,

With Chrome aggressively flagging non-https sites and now with the most recent build of Firefox doing the same thing, I need to take whatever steps are necessary to convert my managed DNN sites to https (SSL) sites. Most of the sites are running on Godaddy shared servers, which is somewhat fortunate in that Godaddy doesn't require a dedicated IP address for their SSL certificates and they allow SSL on shared accounts.

So, acquiring the certificate(s) and applying the cert to the hosting account should be easy enough.

But, what will I need to do to the DNN sites themselves?

Thanks for any suggestions offered :-)

 
New Post
3/23/2017 10:19 AM
 
Jim,

afaik not much. Read here: http://www.dnnsoftware.com/wiki/how-t...

Happy DNNing!
Michael

Michael Tobisch
DNN★MVP
helferlein.com - Michael Tobisch's Site about DNN, SQL Server, ASP.Net and other related stuff dnn-Connect.org - The most vibrant community around the DNN-platform
 
New Post
3/23/2017 11:53 AM
 
Hi Michael,

I had actually read that page before posting, but the first line "This a how to write up that explains how to make sure that all authenticated sessions (anything that happens after a user is logged on) are served using an SSL connection (using the HTTPS protocol)" had thrown me a little. It seems to indicate that only after someone has logged in would they be seeing https pages.

Does that mean that site visitors would continue to see non-https pages unless they log in? My goal is to have all users see only https pages regardless of login status.

Thanks :-)
 
New Post
3/24/2017 7:49 AM
 
Jim,

I might be wrong, but afaik it is enough to activate SSL in the Site Settings and to enable the "Is Secure" setting on each page to force SSL also for non-authenticated users. If you have too many pages to do this manually, you could try the following SQL statement (under Host :: SQL):

UPDATE {databaseOwner}{objectQualifier}Tabs SET IsSecure = 1

After executing that command you have to restart the application pool. Please backup your database before trying.

Happy DNNing!
Michael

Michael Tobisch
DNN★MVP
helferlein.com - Michael Tobisch's Site about DNN, SQL Server, ASP.Net and other related stuff dnn-Connect.org - The most vibrant community around the DNN-platform
 
New Post
3/24/2017 9:26 PM
 
I would not bather with SSL settings in DNN itself. Instead I would create a URLRewriter rule and add this to your web.config:

<code><rewrite><br />

<rules><br />

<rule name="HTTP to HTTPS redirect" enabled="true" stopprocessing="true"><br />

<match url="(.*)"><br />

<conditions><br />

<add input="{HTTPS}" pattern="off" ignorecase="true"><br />

</add></conditions><br />

<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirecttype="Permanent"><br />

</action></match></rule><br />

</rules><br />

</rewrite></code>


www.server-essentials.com is a community for IT Consultants and Business Owners who, themselves, take care of the IT infrastructure and Employees who do that little extra in the company to keep things running. Our forum is for discussing all things ‘IT’ and more. Our documentation is top notch and written by and for the community. Join now at https://www.server-essentials.com/secure-registration
 
Previous
 
Next
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...Convert DNN http site to https siteConvert DNN http site to https site


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
DNN Launch Webinar
REGISTER NOW
DNN Launch Webinar
REGISTER NOW
DNN Launch Webinar
REGISTER NOW