transform a regular page to SSL

Forum Moderators: coopster

Message Too Old, No Replies

transform a regular page to SSL

kknusa

5:53 pm on Jan 7, 2004 (gmt 0)

Hi guys

I want to transform one of my login pages to an SSL one. I haven't used SSL so i have no idea how to start. Is it possible to get so starting info.

MY web server has openSSL support enabled and running the OpenSSL 0.9.6c version.

coopster

9:29 pm on Jan 7, 2004 (gmt 0)

Shopping Carts 101 [webmasterworld.com] should give you a good start. Page down to A Secure Protocol (HTTPS).

kknusa

10:43 pm on Jan 7, 2004 (gmt 0)

Thnks Coopster , i read that and undrestand that but i need something on the implementation level to work with.

kknusa

3:25 pm on Jan 8, 2004 (gmt 0)

Hi again , i've been doing some research on this issue and i think i'm going in the direction of using curl. I have a form that takes in user name , password ... and i want to make it an https page any one has information on how to start this?
I've read some info on Curl in php manual and tried some scripts but still feeling not that sure about the whole thing .

coopster

4:14 pm on Jan 8, 2004 (gmt 0)

Have you tried using https:// as the protocol on your page that is working (as opposed to opening it in your browser via http)?

What version of PHP are you running? (You can use phpinfo [php.net] to find out).
Note: HTTPS is supported starting from PHP 4.3.0, if you have compiled in support for OpenSSL.

kknusa

8:02 pm on Jan 8, 2004 (gmt 0)

OK here's where i am , through my webhost i was able to activate the SSL proxy for my site thus now i have
h2tp://www.mysite.com
[ssl.site.net...]

So now that i have it working , and i have a form let's say form.php and another file process.php that processes this form ,i should secure process.php thus i should call it like
[ssl.site.net...]
to ensure that the user information are being submitted in an encrypted form , right >?

Thus ingeneral any file that carries critical infromation to the db should be called by the [...?...]

Thank you for the help

volatilegx

8:52 pm on Jan 8, 2004 (gmt 0)

Actually my rule is that any time sensitive data is transferred from one computer to another, it should be SSL encrypted. So all sensitive data going from the client (web browser) to your server should be encrypted, and all sensitive data coming from the server to the client should be as well.

However, if you have a php script that is simply handling sensitive info without transmitting it to the client, then the data doesn't have to be encrypted.

kknusa

9:08 pm on Jan 8, 2004 (gmt 0)

OK then yeah, once data has been transformed and i want to change the protocol back to http how should that be done
I tried
header("location: h2tp://mysite/$register1");
but doesn't seem to work in sense that it remains in https protocol.