Hey all, I went looking at the existing system and came up with a fairly easy proceedure to force your GCN site to use SSL for the delicate Login and Register pages. You could choose to use it for anything by just adding to the list found in the CheckToSecurePage proceedure. All code here is in C#. First, you need to add a key to your web.config file. I did this so I could easily turn on and off my SSL. Add this to the section of web.config Like this: ....... Next I added the following procedure to \Engine\Framework\BaseClasses\CommunityGlobals.cs public static void CheckToSecurePage(System.Web.HttpContext Context) { bool SecurityEnabled = false; NameValueCollection nvc = (NameValueCollection) ConfigurationSettings.GetConfig("communityStarterKit/services"); try //use the try catch in case the key does not exist. { SecurityEnabled = bool.Parse(nvc[ "forceUseOfSecureHTTP" ]); } catch { SecurityEnabled = false; } if (SecurityEnabled) { string pagename = Context.Request.RawUrl.ToLower(); bool needSecure = false; if (pagename.IndexOf("users_editprofile.aspx") > 0) {needSecure = true;} if (pagename.IndexOf("users_login.aspx") > 0) {needSecure = true;} if (pagename.IndexOf("users_register.aspx") > 0) {needSecure = true;} if (needSecure && !Context.Request.IsSecureConnection) { {Context.Response.Redirect("https://" + PrimaryDomain + Context.Request.RawUrl);} } else if(!needSecure && Context.Request.IsSecureConnection) { {Context.Response.Redirect("http://" + PrimaryDomain + Context.Request.RawUrl);} } } else if (Context.Request.IsSecureConnection) { Context.Response.Redirect("http://" + PrimaryDomain + Context.Request.RawUrl); } } Finally, you go to the default page handler for all requests in the application, communityDefault.aspx in the root directory. Simply call the above procedure as the first line of the Page_Init procedure. public class communityDefault : System.Web.UI.Page { void Page_Init(Object s, EventArgs e){ CommunityGlobals.CheckToSecurePage(Context);