SharePoint Config

Ari Bakker's thoughts on customising and configuring SharePoint

Archive for the ‘IIS’ tag

Enforcing the correct protocol for partially SSL secured SharePoint sites

with 7 comments

This is the third in a series of posts detailing how to configure a partially SSL secured SharePoint site. In the previous post we covered how to enable SSL for the site. In this post we will cover how to force connections to use the correct protocol (HTTPS for sensitive data, HTTP otherwise). This is required so that if a user tries to browse to page that sends or displays sensitive data via HTTP (e.g. http://www.company.com/pages/login.aspx) they will be redirected to the HTTPS version of the page (e.g. https://www.company.com/pages/login.aspx – so they can login securely) and vice versa for pages like the homepage that should be delivered via HTTP so they do not incur the performance hit of encrypting and decrypting the page.

signpost directions

Photo by nord_modular / CC BY-NC-SA 2.0

Written by Ari Bakker

March 18th, 2010 at 8:14 am