| SitePoint Sponsor |
hi all
my site is in php+mysql and i m on shared hosting
i am planning to buy ssl certificate for my site and will be using it for some of the pages.
i m using absolute paths for images and scripts so that i will change accordingly.
Can you tell
1) rest what all changes do i have to make in my page coding ?
2) will i be able to use same sessions ?
3) Does it make any difference if i make whole site https OR use https for just some pages like login etc.
vineet
You have identified properly the changes you need to make. Any link exists on or links to a https page needs to start with https://. If after you configure your certificate, if you get 'mixed http/https' message then most likely it Flash or JavaScript that needs to be adjusted.Originally Posted by vinpkl
Yes you will be able to use the same sessions.
It does make a difference; https needs to do two trips as opposed to one for http. There are some sites that have chosen recently to use HTTPS exclusively - with computers, internet connections and browsers processing being quicker these days, it can be argued that you don't need to use http; however I still only secure the pages that require secure data. I just think save the users some grief if the load becomes great.
hi ServerStorm
thanks for the reply.
I know they will be installing the SSL Certificate on my online hosting account.
But i want to test my code that i change for https on localhost before making it online.
I dont want the error or any message to be displayed to my customer while i m testing it online.
what can be done ?
vineet
Hi,
You can go on google and search for generating a self-signed certificate. You can then configure the self-signed certificate in the same way that you will with your real cert. When you test you will get a warning that it is not using a secure certificate, but you can test all your content that is secured using https.
So yes it can be done, just a little work. I doesn't hurt to know how to do this so it is time well spent.
Regards,
Steve
ok one more question.
i know i have to redirected the links for internal pages. but what about index page.
When the hosting provider will install the ssl certificate then if a user will type "domain.com" then the site will automatically get redirected to "https://domain.com" or it will still open at "domain.com"
because index.php loads automatically when the domain name is typed in address bar
vineet
Hi,
This can be enforces a couple of different way.
- Use stealth redirection. You configure this via your Public DNS. Not all DNS hosts support this service. When users type http://, https:// or just your domain they will be redirected to https://your_domain.com
- Use mod-rewrite configured on your server. If you are using Apache then this would be set in a .htaccess file and you would need to have the mod-rewrite module enable on the server your using; typically hosts have this enabled with shared hosting.
Regards,
Steve
Posting Permissions
Reply With Quote
Bookmarks