There are two options of installing the
Installing as a web site: This configuration gives you the advantage of having a "nice" URL for accessing the
SSPsuch as "https://www.example.com/" (or "https:// hd.example.com/" if you have a web site with a third-level domain name).
Installing into a virtual directory: In this configuration, your URL for accessing the
SSPwill include the virtual directory name (such as "https://www.example.com/ hd/").
For our web applications, we strongly advise you to use HTTPS. HTTPS is the best practice and the current standard for securing web traffic. It protects the data that is exchanged between your web server and your users’ browsers from unauthorized access and tampering. Using HTTP might result in certain features being blocked because modern browsers are gradually phasing out support for HTTP.
INFO: For instructions on how to configure Secure Sockets Layer (SSL) for a site, see Microsoft: How to enable SSL for all customers who interact with your Web site in IIS.