In order to secure your pages when transmitting customer information over the internet (e.g. checkout, cart, registration, login pages, etc.), you need to enable SSL on your site (also known as HTTPS protocol).
You must first have a valid SSL certificate for your site and have it installed on your IIS server by your administrator. Follow the remaining steps to configure SSL on your DotNetNuke web site:
- Login as Host user.
- Go to Settings > Security page.
- Go to the More tab.
- Check the SSL Enabled checkbox.
- Check the SSL Enforced checkbox. When this option is set, pages which are not marked as Secure will not be accessible with SSL (HTTPS).
- Optionally enter a SSL URL only if you do not have a dedicated SSL Certificate installed for your site. An example would be a shared hosting account where the hosting company provides you with a shared SSL URL.
- Optionally enter the Standard URL. If an SSL URL is specified above, you will also need to specify a Standard URL for unsecure connections.
- Save your changes.
You will now need to indicate which pages need to be SSL secured. Typically, this should be any pages where sensitive customer information may be transmitted over the Internet such as Login, Registration, Cart, Checkout, Confirmation and Account pages.
- For each page needing to be SSL secured, go to its Page Settings. Under the Advanced Settings tab, expand the Other Settings panel and mark the Secure checkbox.
- Save your changes.