SSL 403 error

If you have questions about using mojoPortal, you can post them here.

You may want to first review our site administration documentation to see if your question is answered there.

This thread is closed to new posts. You must sign in to post in the forums.

7/19/2007 4:28:58 AM

naeonlite

Total Posts 5

View Posts

SSL 403 error

Hi Joe,

We've rolled a site out on Mojo and last night attempted to change the site to use SSL for login. I changed the web.config isSSLavailable node to "true" and deployed the file to the server. An SSL cert is available on the machine but we saw some odd behaviour:

- default.aspx returned a 403 error (page needs to be served over https). This page had not been set to be run over SSL.

- However, the /secure/login.aspx page was available over https if you surfed directly to it (couldn't get to it by a link because we couldn't see default.aspx for the site home page). Logging in appeared to be successful but the redirect to default.aspx for the logged in user failed because, again, default.aspx threw a 403.

My immediate suspicion is that something on the server is causing this behaviour (we are on someone else's infrastructure) but I wondered if you'd seen anything like this before.

Many thanks

Dave

7/19/2007 5:57:50 AM

Joe Audette

Total Posts 18439

View Posts

Re: SSL 403 error

Sounds like IIS is configured to require ssl for the whole folder. IIS offers protection of this nature which is why I put the secure pages in the Secure folder, thinking that users could if they like configure this folder in IIS to require ssl as an added layer of protection, but it sounds like your root folder is configured this way. The setting is in the Directory Security tab, the same place where you configure the ssl certificate.

Hope it helps,

Joe

You must sign in to post in the forums. This thread is closed to new posts.