If you are passing sensitive data, you want to force the client's browser to use SSL(https) and you have SSL installed, you may use.
- Save the following code in the root folder of your Website as an include file named ForceSSL.inc:
<% If Request.ServerVariables("SERVER_PORT")=80 Then Dim strSecureURL strSecureURL = "https://" strSecureURL = strSecureURL & Request.ServerVariables("SERVER_NAME") strSecureURL = strSecureURL & Request.ServerVariables("URL") Response.Redirect strSecureURL End If %>
2. For each ASP page that requires SSL, insert the following code at the top of the page to reference the include file from the previous step:
<%@Language="VBSCRIPT"%> <!--#include virtual="/ForceSSL.inc"-->
When each ASP page is browsed, the ASP code contained in the include file will detect the port to determine if HTTP is being used. If HTTP is being used, the browser will be redirected to the same page using HTTPS.