Needing to update IIS web.config to secure cookies by adding SSL.
Web.Config currently contains the following snippet.
<configuration>
<system.web>
<authentication mode="Forms">
<forms loginUrl="~/Account/LogOn" timeout="2880" />
</authentication>
</system.web>
</configuration>
Wanting to update system.web section as follows.
Need to modify (Assume you would use Set-WebConfiguration)
<authentication mode="Forms">
to
<authentication mode="Forms" requireSSL="true">
Need to add (Assume you would use Add-WebConfiguration
<httpCookies httpOnlyCookies="true" />
Have used the following successfully to update web.config,
Add-WebConfigurationProperty -pspath "iis:\Sites\FMC" -filter "/appSettings" -name "." -Value @{key='fmcDataContextType';value='SqlRepository.fmcDataContext'}
But can't seem to get the right format for this purpose.
For requireSSL :
Set-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST/Default Web Site' -filter "system.web/authentication/forms" -name "requireSSL" -value "True"
for httpOnlyCookies use:
Set-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST/Default Web Site' -filter "system.web/httpCookies" -name "httpOnlyCookies" -value "True"
for adding httpOnlyCookies use:
Add-WebConfigurationProperty //system.web 'MACHINE/WEBROOT/APPHOST/Default Web Site' -Name httpCookies -Value "True"
you have to replace Default Web Site
with the name of your site.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.