HTTPS for transaction pages, HTTP for everything else

Hey everyone,
I have an issue with the website I’m working on (and to be honest I’m a designer, so I’m asking this on behalf of the programmer I’m working with). :stuck_out_tongue_winking_eye:

HTTPS works great when you go to the shopping basket and click “checkout”, this is important to secure the transaction and credit card information in 256 bit encryption for the customer’s well being. However, when the user decides to go from the HTTPS shopping basket page back to the homepage, or any other page that does not require a secure connection for that matter, the website sticks with HTTPS sitewide and it kind of slows it down a bit too.

Is this an apache related issue, and can it be fixed quite easily (to only show HTTPS on the shopping basket transaction pages, and HTTP on the rest of the site)?


This just depends on how your shopping cart application is written.

It sounds like your links on your transaction page, or whatever is taking your visitor back to your website, is not specifying HTTP and instead is just using relative links. Thus once the page is on HTTPS, the links and redirects are always in HTTPS.

This would need to be something that is changed in the coding of the application or website.


Have you read the sticky thread for this forum? Have you read the tutorial article linked in my signature? Your code is in there as well as the suggestion that all links be absolute (external) AND that your checkout page check the use of port 443

if (80 == $_SERVER['SERVER_PORT']) header('Location:');

where checkout.php IS this page!