Jump to content

Using SSL and separating websites


Recommended Posts

I currently have a .co.uk website using PHP and a login script.  I have implemented several security measures and have tailored my code to stop SQL injection and XSS (as far as I know).  The next step is to use SSL.  I have purchased an SSL certificate, but I'm not sure how it will fit into my design.

 

I have a main website where users can browse products, look at more detailed product and company information etc.  However, on there I have a login script where users can login and look at different information.  When users log in they can still see the same pages as before, but with some additional, previously hidden information.  How would I handle hyperlinks in this situation?  Would I have to use https all the time, even when a user is not logged in to achieve the desired result?  Would I need to create a subdomain, say users.mydomain.co.uk and have a copy of all the general files in there as well as on the root?  I really don't know how to proceed.

Link to comment
Share on other sites

You should encrypt the connection whenever confidential data is being transmitted. This could be user login information, credit card information, etc. You could also opt to encrypt all connections. You must be aware that you need a dedicated IP address for your certificate if you need to use it across various subdomains then you'll need a wildcard certificate.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.