SaaS CMS has officially launched! Learn more now.

Securing Admin UI with SSL in EPiServer 7

Vote:
 

Hi, what is the path to walk to get (read force) admin UI secured with SSL without having to create second application to IIS for that? Documentation (http://world.episerver.com/Documentation/Items/Developers-Guide/EPiServer-CMS/7/Security/Securing-Edit-and-Admin/) was not from my point of view clear in this, and example actually looks to be from CMS 6, where the UI mapping was a bit more simple than in CMS 7.

#72993
Jul 03, 2013 16:00
Vote:
 

we use the iis 7 urlrewrite module to achive this.

<rule name="ForceCMSInHTTPS" stopProcessing="true" enabled="true">
    <match url="(manage|util)$(/)?.*" ignoreCase="true" />
    <conditions>
      <add input="{HTTPS}" pattern="off" ignoreCase="true" />
    </conditions>
    <action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:0}" appendQueryString="true"  />
  </rule>

    

#72999
Jul 03, 2013 16:47
Vote:
 

Thanks, sounds like a good approach!

EDIT: Probably the matching rule was ment to be "(manage|util)($|/)?.*"

#73011
Edited, Jul 04, 2013 8:49
This thread is locked and should be used for reference only. Please use the Episerver CMS 7 and earlier versions forum to open new discussions.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.