Welcome to WebmasterWorld Guest from 220.127.116.11
I've been searching Google and here for a while and haven't found what I'm looking for.
I've written a shopping cart for use with Paypal payments. I know it isn't neseccary to use https as I wont be handling CC info, but for user experience would like the 'secure feeling'.
I have a free shared SSL with my host and have generated the keys/certs through Cpanel.
I just haven't got a clue what to do with them. I can't find any tutorials from the host. I vagely understand that the data is encrypted and decrypted somehow on the https page, but that's as far as I have got.
I've just refined my search while writing this as I am using PHP and found [uk.php.net...] so I will check that out. If anyone knows any good tutorials on the basics of using https please let me know.
But most of the time you want your visitors on plain, unencrypted http:// pages, because it's faster. Your server won't have to spend time encrypting the data, and the visitors computer won't have to spend time decrypting it (and vice versa for data that goes from the user to the server). So on unimportant pages you should direct requests from https:// to the http:// counterpart. But for pages that should be secure, like credit card info, you should do the opposite, and redirect any http:// requests to https:// requests. Make sure it's impossible for the user to put in credit card info on a http:// page, even if they type the http:// address by hand.