http -vs- https

[Bill Dross]

Is it possible to have different pages on the secure server than which
appear on the http server? I apologize since I am new to this but here is
what happens when I create a new page (specially a database results page).
The same page appears on both -- if I delete it, it is deleted from both.

I had a page with database results and that results page was easily found by
several search engines (Yahoo, etc.). Yahoo's help page states that it can't
find pages on a secure server. That is what prompted my question. However,
I am unable to create a page only on the secure server.

Thanking you in advance.

Bill

 

[Jack Brewster]

Bill,

Are you managing your own server, or is it hosted with a vendor? If you're
hosting it and therefore have local administrative privileges, you can
disable non-ssl traffic for your site in the Internet Services Manager.

If I recall, there's a checkbox under the Secure Communications settings to
disallow normal port 80 traffic on the resource. I haven't played with SSL
much so I hope I'm sending you in the right direction!

 

[Bill Dross]

Jack,

No, we purchase a commercial site and don't do much more than publish to it.
Thanks for the information, though as I will contact them to see if they can
provide some assistance.

Regards,

Bill

 

[Thomas A. Rowe]

No, all page on web server with SSL can be access via http and https unless specific code is added
the page to force the page to only load under https. You can also store all pages the need to be
accessed via https in their own folder, which just allow you a better way to manage them.

--
==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
WEBMASTER Resources(tm)

FrontPage Resources, WebCircle, MS KB Quick Links, etc.
==============================================

 

[Jack Brewster]

I just checked an SSL enabled server and found under "IIS | Directory
Security | Secure communications | Edit..." there is a setting for "Require
secure channel (SSL)". I'm fairly certain that if you enable this IIS won't
allow non-SSL traffic to connect to the site.

The downside of this is that I don't think there is a way to have IIS catch
non-SSL requests and forward to the correct port. So, if you have the
following:
https://www.example.com

and a user tries to connect to
http://www.example.com (no 's')

then they will receive an error as opposed to an automatic redirection. I'd
test this to confirm, but I can't play with the server that has SSL on it.


Using a code based solution as Thomas has suggested would allow you to catch
non-SSL requests in a friendlier manner.