I've just taken over a new site

I notice that we have a website that is supposed to be secure - for logon
purposes

when you connect to https://website name  - you get an ssl connection

however if you can enter http://website name - you get to the same logon
page  - but its just http - no SSL

Anyone got an ideal of why this may be and how I can disable the http
connection ?

You have two options.  If you just want users to not be able to access the
page oven an insecure channel, you can open IIS admin, right click on the
site/directory you want to require ssl on and click properties.  You should
be able to select the directory security tab, then click the edit button and
select the box for "require ssl". 
This will give users an error when they try to access the site without SSL. 
Personally I'd have a page that automatically forwards them to the https
version of the page.  Use live search to search for something like "redirect
http https iis" (without the quotes) for examples how to do this. 

Good luck,
Dan H

Show quoteHide quote

Unable to upload files over 1MB
SSL vs Windows Integrated Security
dynamic client authentication
Managing IP restrictions in IIS 6.0 - nightmare!
Multiple website in single IP, host header and SSL problem
Delegation: IIS Server setup in typical 3-tier scenario.
IIS authentication (kerberos and Integrated security)
One Virtual Directory, Many SSL Certificates?
https and Local System account
IIS 7.0 Full install on Vista Ult. 64-bit SP1 Virtual Server acces