Hi Everyone:

I will be developing a website in which the company has some specific requirements for how certain pages are handled. For example, due to the sensitivity of some of the administration of the CMS and also the information being provided via front end forms, they require these pages to be behind an SSL.

IS there a difficult process to do this? Does anyone know of good documentation for this? I have searched and have found some older posts, but nothing with real good documentation.
ANy help/direction would be greatly appreciated.

I will wind up building using the newest stable release of SS.

Hey yea it's built in - you can put the whle site into SSL mode by adding Director::forceSSL() to your config. You can also just have certain page types use SSL by putting it in their controller.

Have a look at http://doc.silverstripe.org/ssl

Hi Howard:

I saw this but was a little confused being that I am not overly proficient in some areas.

"MySecurePage" would be what ever page type i need to be behind ssl?

Where do i add the second part of that code?

class Page_Controller extends ContentController {
 
    function init() {
        parent::init();
        if ( !$this->SecurePage() ) {
            $this->force_HTTP();
        }
    }
 
    function SecurePage() {
        return false;
    }
 
    // if we are on https, redirect to the http version of this page's URL
    function force_HTTP() {
        $page_url    = Director::absoluteURL( $_SERVER['REQUEST_URI'] );
        $https_regex = '{^https:}';
        if ( preg_match( $https_regex, $page_url ) ) {
            $new_url = preg_replace( $https_regex, 'http:', $page_url );
            Director::redirect($new_url);
        }
    }
}

Also- what about for the Administration part? Can you help direct me to where i would edit the code to force the entire admin area into ssl?

Sorry for being the laymen!!!