Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeArchived Discus...Archived Discus...Developing Under Previous Versions of .NETDeveloping Under Previous Versions of .NETASP.Net 2.0ASP.Net 2.0SSL Security and DotNetNukeSSL Security and DotNetNuke
Previous
 
Next
New Post
1/10/2007 9:41 PM
 
Matthew Christenson

Joined: 10/19/2006
Posts: 164

How would somebody go about making sure that password submissions and credit card feilds are secured in DNN, specifically on applications that host multiple portals using different host headers?  I am a little bit concerned by how little information I've been able to find on this.  I've found a few solutions that make is so that all pages are secured, but that will only work on a single host header at a time.

Please somebody tell me if this is or isn't possible with the core product?

Thanks
 
New Post
1/10/2007 10:39 PM
 
David Snow


www.AgingSafely.com
Joined: 9/18/2006
Posts: 226

You can, of course, put the whole site under SSL as https://. However, I suspect that you really only want to put a small subset of the pages as SSL. SnowCovered.com has a SSL module called  "SSL Module 4.2" that magicilly redirects the pages you select to https://.  I haven't tried it yet, put plan on using it.

/Dave

/Dave S
 
New Post
1/10/2007 11:07 PM
 
Brian Price

Joined: 10/5/2003
Posts: 85
If you plan to store credit cart information in DNN, i astrongly recommend doing so on a dedicated server. I definitely wouldn't store financial information on an install shared with other portals. If you can't isolate the data I'd recommend using a system such as PayPal where your site never gets the actual credit card number.
Qualtiy DotNetNuke modules and custom development; we've been serving the DNN community for over 2 years and have hundreds of satisfied customers. Let us serve you today.
 
New Post
1/10/2007 11:36 PM
 
Matthew Christenson

Joined: 10/19/2006
Posts: 164
DavidWSnow wrote

You can, of course, put the whole site under SSL as https://. However, I suspect that you really only want to put a small subset of the pages as SSL. SnowCovered.com has a SSL module called  "SSL Module 4.2" that magicilly redirects the pages you select to https://.  I haven't tried it yet, put plan on using it.

/Dave

But that only works with a single portal, because you can only assign one certificate to one website in IIS.  What happens if I have www.onecompany.com and www.anothercompany.com hosted on the same DNN application as two different portals?
 
New Post
1/10/2007 11:43 PM
 
Matthew Christenson

Joined: 10/19/2006
Posts: 164

briancprice wrote
If you plan to store credit cart information in DNN, i astrongly recommend doing so on a dedicated server. I definitely wouldn't store financial information on an install shared with other portals. If you can't isolate the data I'd recommend using a system such as PayPal where your site never gets the actual credit card number.

I have my own servers and am setting up a DNN application to host portals that integrate with an on site windows forms application at client sites to handle reservations and account transactions on the web that are replicated to the enterprise solution my clients use on site.

I am not concerned with the data after it has made it too my site, what I am concerned with is that when the user types their credit card information in the submit form, that the information would be trasfered as clear text to my server where it could then get encrypted and saved.  Not being able to support this on multiple portals on the same DNN application seems to me to be a critical flaw in the DNN core architecture. 

Does this would mean that every single site that uses the DNN STORE project with paypal and authorize.net integration is currently not submitting encrypted postbacks to the server?  This sounds like a huge problem, I am hoping that I'm just overlooking something obvious and that somebody will correct me.

 
 
 Page 1 of 4
1234Next 
Previous
 
Next
HomeHomeArchived Discus...Archived Discus...Developing Under Previous Versions of .NETDeveloping Under Previous Versions of .NETASP.Net 2.0ASP.Net 2.0SSL Security and DotNetNukeSSL Security and DotNetNuke


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out