For additional security we recommend that you always configure Incentive to be served over https. Especially if your server is not behind a firewall. To configure Incentive to use https you need to do the following:
- Configure the Incentive website in your IIS web server with an SSL certificate. See https://www.iis.net/learn/manage/configuring-security/how-to-set-up-ssl-on-iis.
- Configure the Application url under "Manage / System Settings" to use the https protocol, e.g. if your site was previously configured with http:/incentive.myserver.org you should now enter https://incentive.myserver.org.
- Optionally force Incentive to always require SSL by adding the following line to your web.config under
<add key="https" value="true" />