okay... i may have jumped the gun on this. 
I'm having problems. did anyone else figure out how to refer to absolute paths?
previously posted:
I think I figured it out. I'd like to provide my visitors a sense of security, too. To protect the user login (the registration page is similar) AND if you have a dedicated SSL Certificate installed,
1. create a file called ForceSSL.inc and place it in root (/). The file should contain the following EXACT text (ie, don't change anything):
<%
If Request.ServerVariables("SERVER_PORT")=80 Then
Dim strSecureURL
strSecureURL = "https://"
strSecureURL = strSecureURL & Request.ServerVariables("SERVER_NAME")
strSecureURL = strSecureURL & Request.ServerVariables("URL")
Response.Redirect strSecureURL
End If
%>
2. At the very top line (1) of .asp page you want to protect put the following line
<!--#include virtual="/ForceSSL.inc"-->
3. Edit the "login_user.asp" file and insert absolute (not relative) paths. In version 7.51, edit lines 195, 200, and 203. These lines should NOT refer to "login_user_test.asp?TID=", but "http://www.YourSite.com/ForumPath/login_user_test.asp?TID="
This will force a connection out of https to http.
You can include the <!--#include virtual="/ForceSSL.inc"--> code in other pages you want to encrypt. When you redirect from them (eg a form button is clicked), just redirect to "http://www.blahblahblah.com/....). If you only redirect to a filename, by default you will usually continue to run in https.
NOTE!!
Likewise, all links (including the ones in the header will need to get changed to absolute (the search, help, register, active topics, etc) if you want a page exit to result in an exit from https. Don't forget to specify the absolute path to the "default.asp" file as well - this is referred by the root forum link on the forum login page.
God Bless!
Nick
Edited by dazedconfused
Topic Options
Post Options
Thanks(0)
