Configure the Orion Web Console to require SSL (deprecated)

This information is deprecated as of Orion Platform version 2017.1, which includes NPM 12.1, SAM 6.4, NCM 7.6, and VMAN 7.1.

1. In a text editor, open the Orion Web Console configuration file, web.config, on your primary SolarWinds server.

   The default location of web.config is C:\Inetpub\SolarWinds\.

2. In the <system.web> section, add the line:
   <httpCookies requireSSL="true" />
3. Locate the line:
   <forms loginUrl="~/Orion/Login.aspx" />
4. Edit it to <forms loginUrl="~/Orion/Login.aspx" requireSSL=”true” />.
5. To enable the HTTPOnly flag for added security, locate the <httpCookies> tag, and edit it to the following:
   <httpCookies httpOnlyCookies="true" requireSSL="true" />
6. Save and close web.config.