Is it possible to secure only the Login.aspx page (and the postback) and not

Question

0

Asked: May 10, 20262026-05-10T17:34:34+00:00 2026-05-10T17:34:34+00:00

Is it possible to secure only the Login.aspx page (and the postback) and not

0

Is it possible to secure only the Login.aspx page (and the postback) and not the whole site in IIS?
We are looking to do this specifically with a SharePoint site running Forms Based Authentication against our Active Directory.
Links to this will be helpful.

This is what we have done so far:
1. Setup SharePoint to use FBA against AD.
2. Moved Login Page to Secure/Login.aspx
3. Set the appropriate Login url in web.config as https://..../Secure/Login.aspx

This is not working and help is needed here. However even if this works, how do we get the user back to http from https?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

score 0 · Answer 1 · 2026-05-10T17:34:34+00:00

2026-05-10T17:34:34+00:00Added an answer on May 10, 2026 at 5:34 pm

There’s not a whole lot of point. If the only thing that’s encrypted is the Login.aspx page, that would mean that someone could sniff all the traffic that was not sent through the login page.

Which might prevent people from getting user:pass, but all your other data is exposed.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Is it possible to secure only the Login.aspx page (and the postback) and not

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply