Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeArchived Discus...Archived Discus...Developing Under Previous Versions of .NETDeveloping Under Previous Versions of .NETASP.Net 2.0ASP.Net 2.0SSL Security and DotNetNukeSSL Security and DotNetNuke
Previous
 
Next
New Post
1/15/2007 6:38 AM
 
Joe Brinkman


Joe Brinkman's Avatar

blog.theaccidentalgeek.com
Joined: 5/18/2003
Posts: 2356

As John stated already, there is no change that DNN could make that would satisfy the criteria you have outlined.  The SSL handshake occurs long before even the first line of DNN code executes.  No matter what DNN does, we will not be able to overcome this issue without going around the native IIS SSL implementation which is not a real possibility.

As for putting common DNN code in a single DLL and making everything static/shared would not solve the performance problem either.  That could would still be loaded in separate appdomains for each website that was using the code.  Shared/static methods and properties are only shared within the single appdomain and are not shared accross domains.  Even if you could architect DNN to load a single instance in one appdomain and have multiple websites all access the same appdomain for those functions, you would necessarily take a huge performance hit because you would then be marshalling data for practically every method call across processes which is a huge performance hit.

Also, everyone should take the words "best practice" with a grain of salt.  In many cases, best practices makes certain assumptions about how a website will be used.  If those assumptions are not clearly spelled out then it is hard to say whether the best practice is really applicable to any specific usage.

Joe Brinkman
DNN Corp.
 
New Post
1/17/2007 3:02 AM
 
Philip Beadle


Joined: 1/7/2003
Posts: 1822

The method of using portal.mydomain.com, or portal2.mydomain.com is the best solution i have seen.  If you have multiple SSL sites on one server you probably are some sort of service provider and as such using the wild card approach you can supply "free" SSL to your customers.  All you do is use the URL option when adding a Page and point it to the secure page.

This begs the question of how to ensure the user stays logged in when they change domains from their browsing URL to the SSL URL?

Philip Beadle - Employee
 
New Post
4/15/2007 10:11 PM
 
Philip Lippard

www.sanibellogic.com
Joined: 12/23/2004
Posts: 82

Relating to DNN Security, SSLRedirect is an excellent add-on for SSL securing DNN web pages.  SSLRedirect provides the flexibility of using Regular Expressions to define which web pages should be SSL secured.  SSLRedirect also provides an output filtering feature which assist in eliminating the mixed content message received when flowing from HTTPS to HTTP web pages.  SSLRedirect works equally as well for native ASP.NET apps as for DNN apps.  SSLRedirects works equally as well with single domain SSL Certificates as with wildcard SSL Certificates.

Product brief can be reviewed by clicking on https://www.sanibellogic.com/SL/Products.aspx?Cat=DotNetNuke&PLong=00200

Product documentation can be downloaded by clicking on http://www.SanibelLogic.com/DownloadMe.aspx?uuid=7616144c-d302-403b-9291-bf4d21655c4b

SSLRedirect is also available on www.snowcovered.com ...just conduct a search for "SSLRedirect".

SSLRedirect has just been enhanced in support of DNN 4.5.0.

Philip
 
 Page 4 of 4
Previous1234 
Previous
 
Next
HomeHomeArchived Discus...Archived Discus...Developing Under Previous Versions of .NETDeveloping Under Previous Versions of .NETASP.Net 2.0ASP.Net 2.0SSL Security and DotNetNukeSSL Security and DotNetNuke


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out