Secure Socket Layer (SSL ) is essential to ensure the integrity of data passing from your webserver to the browser. IT creates a kind of encrypted link between the two and makes sure that your website is protected. This includes data such as credit card numbers, social security numbers, login credentials etc. If SSL is not used, the data that is transmitted between the server and client is plain text which leaves your website vulnerable to attacks from hackers and other malicious code. SSL is a security protocol.
In today’s day and age, a lot of transactions happen online and web servers and website owners for that matter hold the responsibility to maintain the security of the data that users enter and entrust them with.
DNN Development has been around for over a decade now and DNN currently powers millions of websites on the net. It is essential that you understand the basics of SLL implementation for DNN sites.
Here are a few quick steps to configure DNN – SSL
It’s a well known fact that backend web server is IIS from Microsoft. Ensure that you enable SSL for the website on IIS. You will need to get an appropriate certificate, create and appropriate HTTPS binding on the site and test it.
Configure SSL on your DNN Site
DNN (DotNetNuke) offers a way to ensure that the website or portal you develop can be secured using SSL. Ensure that you enable SSL for the entire site. You can do that by going to Admin -> Site Settings -> Advanced and open the SSL settings. Place a check mark where it asks you to enable SSL. Then update and save the settings.
DNN Login Pages
By default, DNN login page is not secure. You will need a custom account login module for DNN to create secure logins for users. Ensure that you create this page at root level and give it the name “login”. Create the login page with the following features: Login name, Parent page, accurate Permissions, Secure flag to be set. This will ensure that users are using the HTTPS protocol. DotNetNuke will automatically use the HTTPS protocol after this is set. Users don’t need to do anything special.
After creating this new login page, you will be required to tell DNN not to use the default page. Go to Admin, site setting and select page management. You need to go to “Login Page” and select your newly created page there.
SSL certificates are generally valid for a domain – or domain and it’s subdomains. The certificate depends on the vendor. So check out how that works too!
DNn sites have a simple way to configure everything. They work on a familiar Microsoft platform and yet provide users and DNN developers with the flexibility to develop modules and extensions with the open source code that is made available.