Forums » Help »
Force https for login and logged in users
Added by Felix Schäfer over 14 years ago
Hello,
We actually have our redmine on an https-only host, with a hard redirect from http to https. I think this is neither needed nor satisfying for casual visitors, so I'd like to force https only on logged in users, or at least for login, so that no password is sent cleartext. Is there any mechanism in redmine to force https on logged in users, or any http headers I could test for to determine if they are logged in? If not, which URL would I have to force https on to ensure at least the login goes over a secure wire?
Thanks!
Hey Felix,
did you find a solution to your question?
Cheers,
RE: Force https for login and logged in users
-
Added by flurios fl over 12 years ago