views:

18

answers:

2

Is it possible to set requireSSL="true" for admin part of the site alone?

+1  A: 

Yes. For older versions of IIS, the procedure is to open the IIS manager and right-click on the folder you want to require SSL on, and choose properties. The go to the Security tab just like you would on an entire web site or web app.

I am relatively sure it works the same on the newer versions, but I haven't yet had hands-on experience with anything above IIS 6. However, this is such a common requirement, I'm sure it's the same.

(official iis instructions here)

David Stratton
+1  A: 

You can do it easily for any page:

If HttpContext.Current.Request.IsSecureConnection.Equals(False) Then
    Response.Redirect("https://" + Request.ServerVariables("HTTP_HOST") + HttpContext.Current.Request.RawUrl) 
End If
Markive