SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Addict
    Join Date
    Feb 2002
    Location
    Atlanta, GA
    Posts
    342
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Exempt page or directory from SSL

    I have a need to exempt a page from being served up via SSL. Is there a way to allow a single page to be exempt from SSL or barring that a directory?

    As always, thanks for any assistance.

    The system is:
    Windows Server 2003
    IIS 6
    ASP.NET
    .NET Framework 2.0


  2. #2
    SitePoint Wizard holmescreek's Avatar
    Join Date
    Mar 2001
    Location
    Northwest Florida
    Posts
    1,707
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Not sure about ASP (I do PHP), but you should be able to retrieve the name of the page / script being loaded from your server variables. Then check the name of the page / script for any occurance of https, if it is found, then do a redirect, otherwise let the page load normally.

    in Php it would be something like :

    Code:
    $currentpage = $_SERVER['PHP_SELF'];  # would return something like "https://mysite.com/something/index.php"
    
    if(str_pos($currentpage, "https")) {
    
    header('Location: http://www.example.com/');
    
    }
    
    
    otherwise just load the page normally...
    Not a direct ASP answer, but, maybe enough that you can use to figure it out.
    intragenesis, llc professional web & graphic design

  3. #3
    SitePoint Addict
    Join Date
    Feb 2002
    Location
    Atlanta, GA
    Posts
    342
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Holmes;

    Thank you for your input. That's a valid approach and in the end might be something we'll go with. I'd like to know the .NET way if anyone can enlighten me on that.


  4. #4
    SitePoint Author silver trophybronze trophy
    wwb_99's Avatar
    Join Date
    May 2003
    Location
    Washington, DC
    Posts
    10,623
    Mentioned
    4 Post(s)
    Tagged
    0 Thread(s)
    Generally one enforces SSL at the IIS level rather than in your application. I am presuming the entire application is setup to enforce SSL. In that case, you can set an individual file not to require SSL by browsing to that folder in the IIS manager, then right clicking on the file and going into the File Security tab on the properties window.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •