SSL Required on certain sections only

hi all im makiing a new website www.nannyknits.co.uk
and part of the site has a members account area where their details are accessed, check process of order etc. and this is the only section i need secured is there a way to make sure that that section has to be through the SSL but the main site (shop ) doesn't have to be, its only when the user changes there details or goes to the check out?

can anyoine help will this dilemar
 
well, if you enable ssl on nannyknits.co.uk, your site could be accessed both over HTTPS and HTTP

so you could just link to a secure section like this https://nannyknits.co.uk/secure

But if you want to disable HTTP access to /secure, you'd have to create a sub domain: secure.nannyknits.co.uk and buy a certificate for this sub domain. while installaling your certificate, you'd be given an option to disable HTTP access
 
Alternatively you could use scripts that only function when on a secure connection, which you should be able to detect using Request.ServerVariables in ASP (CERT_* values) or $_SERVER['REMOTE_PORT'] in PHP.

That way, you can easily enable and disable required usage of SSL if so needed, without creating a subdomain.

Personally I wouldn't make SSL mandatory in this case, but it's nice to have it available.
 
SubSpace said:
Alternatively you could use scripts that only function when on a secure connection, which you should be able to detect using Request.ServerVariables in ASP (CERT_* values) or $_SERVER['REMOTE_PORT'] in PHP.

That way, you can easily enable and disable required usage of SSL if so needed, without creating a subdomain.

Personally I wouldn't make SSL mandatory in this case, but it's nice to have it available.


thanx both,

i think ill use the coding .. so that clients can login under secure or not ...

to YASH on the newreply.php file you have a js error

theform.message is null or not a value ..

http://support.jodohost.com/newreply.php?do=newreply&p=9960
 
Back
Top