I have SSL activated for my site by my host. I have the Secure Pages module enabled. However, if you type http://www.mysite.com, I'd like it to redirect to https://www.mysite.com. I'm not sure "redirect" is the right word, but my point is, I need logins to be secure. Anyone know how I accomplish this?

Comments

stevethompson’s picture

stevethompson CreditAttribution: stevethompson commented

One way to do this is to take the login block off of the front page. Then add a menu item that links to the page yoursite.tld/user. This is a user login page. Then be sure that the /user page is secured through SecurePages.

There may also be a way to secure the login block on the front page, but I don't mind the one extra click for users to log on.

jethro’s picture

jethro CreditAttribution: jethro commented

This page mentions securing the login block.
http://success.grownupgeek.com/index.php/2009/07/12/drupal-ssl/

I think maybe they are modifying the block form to post to the login page which is secure.

ShannonK’s picture

ShannonK CreditAttribution: ShannonK commented

I ended up making my whole site secure and uninstalling Secure Pages. I didn't like the pop-ups saying "you're about to leave a secure page" etc.

I may revisit this issue in the future if the site suffers a performance loss...but so far that has not been the issue.

Thank you for the input!

izmeez’s picture

izmeez CreditAttribution: izmeez commented
Issue summary: View changes

Thanks for the link in #2. It has several useful points and might be worthwhile to add to the securepages module page.