Powershell: Updating IIS web.config

Question

Needing to update IIS web.config to secure cookies by adding SSL.

Web.Config currently contains the following snippet.

<configuration> 
  <system.web> 
       <authentication mode="Forms">
            <forms loginUrl="~/Account/LogOn" timeout="2880" />
       </authentication>
  </system.web> 
</configuration> 

Wanting to update system.web section as follows.

Need to modify (Assume you would use Set-WebConfiguration)

<authentication mode="Forms">
to
<authentication mode="Forms" requireSSL="true">

Need to add (Assume you would use Add-WebConfiguration

<httpCookies httpOnlyCookies="true" />

Have used the following successfully to update web.config,

Add-WebConfigurationProperty -pspath "iis:\Sites\FMC" -filter "/appSettings" -name "." -Value @{key='fmcDataContextType';value='SqlRepository.fmcDataContext'}

But can't seem to get the right format for this purpose.

Answer 1

For requireSSL :

Set-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST/Default Web Site'  -filter "system.web/authentication/forms" -name "requireSSL" -value "True"

for httpOnlyCookies use:

Set-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST/Default Web Site'  -filter "system.web/httpCookies" -name "httpOnlyCookies" -value "True"

for adding httpOnlyCookies use:

Add-WebConfigurationProperty  //system.web 'MACHINE/WEBROOT/APPHOST/Default Web Site' -Name httpCookies -Value "True"

you have to replace Default Web Site with the name of your site.