[FX.php List] [OFF] https per page?
Dale Bengston
dbengston at tds.net
Tue Dec 8 08:35:44 MST 2009
This is where I'm at too. I just use the web server to redirect http to https and put the entire site under SSL.
Dale
On Dec 8, 2009, at 9:08 AM, Gjermund Gusland Thorsen wrote:
> Why do you bother having http when you have https?
>
> I would use apache redirect from the http to https...
>
> ggt
>
> 2009/12/8 david weiner <1265 at lucerneblvd.org>:
>> Yes, both domains point to the same directory.
>> I'm doing all the submitting via https, but you can do it either way. The thing about loading the page (say from a menu link) under https is that the user could come from anywhere so you can't control the protocol, but you can control the submit button.
>>
>> - David
>>
>>
>> On Dec 7, 2009, at 3:51 PM, Joel Shapiro wrote:
>>
>>> Thanks David
>>>
>>> By "have your dns written so both domains work for the all the pages" do you mean that:
>>> mysite.com/page.php and secure.mysite.com/page.php both point to the same page?
>>>
>>> Also, to get to secure.mysite.com pages, are you using the full URL (https...) in your links? Or are you just *submitting* to https pages via forms' "action="?
>>>
>>> -Joel
>>>
>>>
>>> On Dec 7, 2009, at 3:43 PM, david weiner wrote:
>>>
>>>> I've set up a sub-domain for this, i.e. mysite.com and secure.mysite.com then generated the cert. for the sub-domain and have your dns written so both domains work for the all the pages and then move back and forth as needed. Any form submission scripts will use the https so your information transfer will always happen under SSL but you won't have the extra burden of transmitting every page securely.
>>>>
>>>> - david
>>>>
>>>>
>>>> On Dec 7, 2009, at 3:34 PM, Dale Bengston wrote:
>>>>
>>>>> Hi Joel,
>>>>>
>>>>> With relative links, you're looking at all-or-nothing unless you make them absolute. If there isn't any harm in having the whole site be https, why not just go for it?
>>>>>
>>>>> Dale
>>>>>
>>>>> On Dec 7, 2009, at 5:11 PM, Joel Shapiro wrote:
>>>>>
>>>>>> Hi all
>>>>>>
>>>>>> What's the best way to use an SSL cert on only certain pages (e.g. login & checkout)?
>>>>>>
>>>>>> I'd like to keep my links 'local' (e.g. detail.php?id=123 instead of http://server/detail.php?id=123) but have certain pages always use https.
>>>>>>
>>>>>> Is there an easy setup in Apache or something, or do I need to check at the top of the PHP and redirect if it's the wrong protocol?
>>>>>>
>>>>>> OS X Server 10.6
>>>>>>
>>>>>> TIA,
>>>>>> -Joel
>>>>>> _______________________________________________
>>>>>> FX.php_List mailing list
>>>>>> FX.php_List at mail.iviking.org
>>>>>> http://www.iviking.org/mailman/listinfo/fx.php_list
>>>>>
>>>>> _______________________________________________
>>>>> FX.php_List mailing list
>>>>> FX.php_List at mail.iviking.org
>>>>> http://www.iviking.org/mailman/listinfo/fx.php_list
>>>>
>>>> _______________________________________________
>>>> FX.php_List mailing list
>>>> FX.php_List at mail.iviking.org
>>>> http://www.iviking.org/mailman/listinfo/fx.php_list
>>>
>>> _______________________________________________
>>> FX.php_List mailing list
>>> FX.php_List at mail.iviking.org
>>> http://www.iviking.org/mailman/listinfo/fx.php_list
>>
>> _______________________________________________
>> FX.php_List mailing list
>> FX.php_List at mail.iviking.org
>> http://www.iviking.org/mailman/listinfo/fx.php_list
>>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list
More information about the FX.php_List
mailing list