Menu
I need some secure pages on my site. I've purchased (and my host has installed) a secure certificate for the domain in question.
What does one do at that point? How do I make certain pages secure, do I have to put them in a specific directory? Or use some headers or something? I have no idea how this works.
Hopefully someone can point me in the right direction.
232
PHP is as secure as any other major language. PHP is as secure as any major server-side language. With the new PHP frameworks and tools introduced over the last few years, it is now easier than ever to manage top-notch security.
Maybe it's much easier than you think. If your provider has installed the certificate, then just call the page with the correct protocoll, that means https://www.example.com/page.html instead of http://www.example.com/page.html .
The difficult part is to make sure, that the page can only be called with the HTTPS protocoll and is not accessible with HTTP. Relative links will use the same protocoll as the originating page.
The easiest way is surely, to make your whole site HTTPS only (you can use relative links then). Some providers offer this option in their control panel. If there is no such option, you can write a .htaccess file and place it in the root direcotry. This lines will redirect any HTTP requests to HTTPS requests:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
Of course you should replace example.com with your own domain.
131
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
