SitePoint Sponsor

User Tag List

Results 1 to 9 of 9
  1. #1
    SitePoint Zealot manic's Avatar
    Join Date
    Dec 2001
    Location
    uk
    Posts
    138
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    secure layer use

    Are there any down sides to making the whole site jump to a secure layer from the word go?

    I have a site which does this from the point of login, but for people who don't login it stays in the normal zone. Just wondering about any possible side effects from making the default.asp jump straight into https unless it's there already.

    ** hoping for a quick answer to this one **
    Don't you just hate it when it works first time.

  2. #2
    The doctor is in... silver trophy MarcusJT's Avatar
    Join Date
    Jan 2002
    Location
    London
    Posts
    3,509
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    This should give you the idea:
    Code:
    If Request.ServerVariables("HTTPS") <> "ON" Then
    'redirect code goes here
    End If
    MarcusJT
    - former ASP web developer / former SPF "ASP Guru"
    - *very* old blog with some useful ASP code

    - Please think, Google, and search these forums before posting!

  3. #3
    SitePoint Zealot manic's Avatar
    Join Date
    Dec 2001
    Location
    uk
    Posts
    138
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I know how to do it, but thanks anyway

    just wondering if it's a good idea or not.
    Don't you just hate it when it works first time.

  4. #4
    The doctor is in... silver trophy MarcusJT's Avatar
    Join Date
    Jan 2002
    Location
    London
    Posts
    3,509
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well, using HTTPS increases your costs (increased bandwidth use) and reduces the performance of your web server (due to encryption/decryption), so it's generally advisable to use it as sparingly as possible. Plus it might annoy search engine spiders.
    MarcusJT
    - former ASP web developer / former SPF "ASP Guru"
    - *very* old blog with some useful ASP code

    - Please think, Google, and search these forums before posting!

  5. #5
    SitePoint Zealot manic's Avatar
    Join Date
    Dec 2001
    Location
    uk
    Posts
    138
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Now that is interesting info... thanks for sharing!!!

    Guess I'll have to stop thinking about being lazy now.

    cheers!
    Don't you just hate it when it works first time.

  6. #6
    The doctor is in... silver trophy MarcusJT's Avatar
    Join Date
    Jan 2002
    Location
    London
    Posts
    3,509
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Naturally, if you're writing an Internet Banking app then you should use it throughout, but in most cases it's sufficient to just use it for the instances where the data transferred actually needs to be kept secure, e.g. the login pages.
    MarcusJT
    - former ASP web developer / former SPF "ASP Guru"
    - *very* old blog with some useful ASP code

    - Please think, Google, and search these forums before posting!

  7. #7
    SitePoint Zealot manic's Avatar
    Join Date
    Dec 2001
    Location
    uk
    Posts
    138
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    yeah, in this case it's the shopping basket screens... the rest is essential stuff for search engines.
    Don't you just hate it when it works first time.

  8. #8
    The doctor is in... silver trophy MarcusJT's Avatar
    Join Date
    Jan 2002
    Location
    London
    Posts
    3,509
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Surely only the checkout screens (where private data is entered) need to be secure?
    MarcusJT
    - former ASP web developer / former SPF "ASP Guru"
    - *very* old blog with some useful ASP code

    - Please think, Google, and search these forums before posting!

  9. #9
    SitePoint Zealot manic's Avatar
    Join Date
    Dec 2001
    Location
    uk
    Posts
    138
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It's going to be secure as soon as they enter the checkout right through to the confirmation at the end. If people decided to wander into other areas of the site inbetween I don't mind if that's all done on a secure level.

    So long as search engine can see somewhere between 80,000 and 150,000 products every day then it's all good with me.
    Don't you just hate it when it works first time.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •