SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Addict revlimiter's Avatar
    Join Date
    Sep 2005
    Location
    British Columbia, Canada
    Posts
    275
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    HTTPS for transaction pages, HTTP for everything else

    Hey everyone,
    I have an issue with the website I'm working on (and to be honest I'm a designer, so I'm asking this on behalf of the programmer I'm working with). ;P

    HTTPS works great when you go to the shopping basket and click "checkout", this is important to secure the transaction and credit card information in 256 bit encryption for the customer's well being. However, when the user decides to go from the HTTPS shopping basket page back to the homepage, or any other page that does not require a secure connection for that matter, the website sticks with HTTPS sitewide and it kind of slows it down a bit too.

    Is this an apache related issue, and can it be fixed quite easily (to only show HTTPS on the shopping basket transaction pages, and HTTP on the rest of the site)?

    Thanks!
    "To make an apple pie from scratch,
    you must first create the universe.
    -Carl Sagan

  2. #2
    SitePoint Zealot
    Join Date
    Oct 2008
    Posts
    167
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    This just depends on how your shopping cart application is written.

    It sounds like your links on your transaction page, or whatever is taking your visitor back to your website, is not specifying HTTP and instead is just using relative links. Thus once the page is on HTTPS, the links and redirects are always in HTTPS.

    This would need to be something that is changed in the coding of the application or website.
    CanisHosting - Web Hosting plans starting at $3.95 per month

  3. #3
    Certified Ethical Hacker silver trophybronze trophy dklynn's Avatar
    Join Date
    Feb 2002
    Location
    Auckland
    Posts
    14,645
    Mentioned
    19 Post(s)
    Tagged
    3 Thread(s)
    rev,

    Have you read the sticky thread for this forum? Have you read the tutorial article linked in my signature? Your code is in there as well as the suggestion that all links be absolute (external) AND that your checkout page check the use of port 443
    Code:
    if (80 == $_SERVER['SERVER_PORT']) header('Location: https://example.com/checkout.php');
    where checkout.php IS this page!

    Regards,

    DK
    David K. Lynn - Data Koncepts is a long-time WebHostingBuzz (US/UK)
    Client and (unpaid) WHB Ambassador
    mod_rewrite Tutorial Article (setup, config, test & write
    mod_rewrite regex w/sample code) and Code Generator


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •