SharePoint 2013: How to hide FBA Login page warning

When working with SharePoint 2013 and using Forms Based Authentication (FBA) you would notice that SharePoint assumes that you will be using FBA with extranet scenario and on login page it gives you a warning message which looks something like this.


Basically SharePoint detects that your page is not using secure connection i.e. HTTPS and hence it warns you that you should use HTTPS given your username and password will be sent in clear text. Fair enough. But what if you have a UAT environment and you are not using HTTPS and you want to remove that warning message given you do not want your test users to be concerned.

Well there are two options to this.

1)      Best practice is to create a custom login page and then you can configure it the way you want. Here is the blog post explaining this process.

​2)      Second option which is not really a best practice but a quick fix. When you configure FBA on your web application SharePoint creates _forms folder under your Web Application virtual directory (typically under C:\inetpub\wwwroot\wss\VirtualDirectories\YourWebApp\_forms).

All you have to do is to go this folder then backup Default.aspx. Why? Well golden rule of SharePoint says, never modify out of the box file. So you are going to back up the file first before modifying the file.

Open the file and you will see a block of code (JavaScript code) which will read

if (document.location.protocol != ‘https:’)
   var SslWarning = document.getElementById(‘SslWarning’); = ”;

All you have to do is change if (document.location.protocol != ‘https:’)


if (document.location.protocol != ‘http:’)

This will trick the SharePoint warning and you will not see warning anymore.

I hope this helps someone.