Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...What is the best way to make ENTIRE DNN 6.x -7.x pages ALL SSL pages?What is the best way to make ENTIRE DNN 6.x -7.x pages ALL SSL pages?
Previous
 
Next
New Post
3/7/2013 7:08 PM
 
Reginald Thomas


www.extremefx.net
Joined: 8/2/2004
Posts: 220
In the past we've had the requirement that DNN 5.x and  all pages must be re-directed to HTTPS...
To accomplish this we simply added the following Redirect vb code to the site root's default.aspx starting at line 4
<%
    If Request.ServerVariables("HTTPS") = "off" Then
        Response.Redirect("https://" & Request.ServerVariables("HTTP_HOST") & "/default.aspx")
    End If

%>

This worked fantastic... and if a DNN site had a SSL certificate, then this instantly placed the entire site and any pages accessed by the user from http://www.mywebsite.com/mypage.aspx to SSL site of https://www.mywebsite.com/mypage.aspx

However after a recent upgrade from 5.x to 6.x we discovered that we had to change our redirect code on line 4 inside the dnn default.aspx file to the following to comply with C# language syntax:
<%
    if (Request.ServerVariables["HTTPS"].Equals("off")) {
        Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"] + "/default.aspx");
    }
%>

Again this works by redirecting the entire site as SSL "AS LONG AS WE HAVE THE SSL CHECK BOX ENABLED" in the Admin Site Settings.
This forces all the pages to SSL with out us having to go to each page settings and checking the page as SSL.

The only issue is that a strange text is displayed in the DNN Login Popup Modal which says "lang="en-US"" displayed above the Username:
Would love to attach or send someone a screenshot if i could. As thats the only perplexing thing about making entire DNN site SSL with out having to go to each page and set the SLL page.

So My QUESTION: Is the below HTTPS redirect approach correct in regards to DotNetNuke:
<%
    if (Request.ServerVariables["HTTPS"].Equals("off")) {
        Response.Redirect("https://" + Request.ServerVariables["HTTP_HOST"] + "/default.aspx");
    }
%>
"IS" this the  best way so far to force all the DNN 6.x-7.x pages to SSL without having to check each page at a time as SSL?
(again the only glitch in the Login Popup modal the strange("lang="en-US"" displayed above the Username:)

Try the above re-direct code on your ssl DNN test box with only SSL enabled in your admin settings on Versions 6.x and greater and you'll see what it does. all pages instantly redirect to https.

Please let me know how everyone else is forcing the entire DNN site as SSL?

Hope my explaining this issue wasn't too complicated... simply put,  i'm just looking for the best way to make sure all pages redirect and display as https: without my having to go to each page settings>Advanced Settings>Other Settings and checking the "SECURED?" Check box.
Please advise "in detail" on a better way that has worked for you in your case.
 
New Post
3/8/2013 12:01 PM
 
Reginald Thomas


www.extremefx.net
Joined: 8/2/2004
Posts: 220
To make a long story short.... and hopefully not scare anyone off from this issue....
I would like to know if there is a better way in regards to making DNN entire site pages as SSL? Thus making all the pages redirect or display as SSL (https://) without my having to go to every page and marking as secured?

I know the site will take a performance hit... but its a requirement i'm having to work with...

Any detailed feedback would be great...
 
New Post
3/8/2013 1:36 PM
 
David Elyk

Joined: 12/27/2002
Posts: 4

The way I usually force SSL on any ASP.NET website (even non DNN sites) is to add the following to your web.config:

<rule name="HTTP to HTTPS redirect" stopProcessing="true">
  <match url="(.*)" />
    <conditions>
      <add input="{HTTPS}" pattern="off" ignoreCase="true" />
    </conditions>
  <action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
</rule>

found it here:
http://www.iis-aid.com/articles/how_t...

 

www.elyk.net
 
New Post
3/8/2013 1:43 PM
 
Reginald Thomas


www.extremefx.net
Joined: 8/2/2004
Posts: 220

Hey thanks for the Tip, I will  try this and get back to the forum... I knew there had to be a better way to do this for DNN.

The only issue we are not using IIS 7 on this particular server...  Will still try and get back shortly...
 
New Post
3/8/2013 2:34 PM
 
Mike Ryckman


Joined: 4/17/2011
Posts: 519

You could also go to the host -> SQL page and just execute an SQL statement that changes IsSecure = 1 in the Tabs table... That will just change all your existing pages to be secure. Then you can just mark them that way in the future.

Mike
 
 Page 1 of 3
123Next 
Previous
 
Next
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...What is the best way to make ENTIRE DNN 6.x -7.x pages ALL SSL pages?What is the best way to make ENTIRE DNN 6.x -7.x pages ALL SSL pages?


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out