What is the best way to force encrypted logins, ie https?

We use our ldap server for authentication, and I don't want to allow clear text logins under any circumstances.

You can use dP via https.

Pedro A.

Thanks,

Yeah, I have that working... But the thing I'm unclear on is how to force an encrypted login. Expecting users to do it on their own is a guarantee it won't happen...

To be more specific, if a user attempts to login via http -vs- https, they would be forced to the https url. The rest of the site is not as critical. Just the login.

Check this post: Ensure Entry through SSL (http://www.dotproject.net/vbulletin/showthread.php?t=2790)

Check this post: Ensure Entry through SSL (http://www.dotproject.net/vbulletin/showthread.php?t=2790)

Ok, but here's a real newb question: Where do I find the form action address?

Duh. Didn't read far enough.

Did the .htaccess thing. No workee. Common errors I should be looking for?

Duh. Didn't read far enough.

Did the .htaccess thing. No workee. Common errors I should be looking for?

Ok - added to httpd.conf instead - now it works. Just wish there was a way I could force only the login page to ssl.