: How to setup SSL to protect secure information At the moment I have a website running in quite an insecure way, I'll refer to it as example.com. To add better security we're starting to store
At the moment I have a website running in quite an insecure way, I'll refer to it as example.com.
To add better security we're starting to store passwords using bcrypt but we are currently not using SSL so they could be viewed upon submission.
When setting up SSL and purchasing the certificate should the hostname be example.com if that's the only place you wish to use SSL?
Say we only want logged in members to use SSL then would PHP scripts need changing in some way and from an SEO aspect is any different to ?
Would the site work as example.com/index.php and example.com/index.php because this would be bad having multiple instances of one thing?
I'm very new to SSL security and not quite sure I'm grasping the concept of it correctly at the moment? We basically want the login forms and members part of the site use SSL.
More posts by @Ravi8258870
2 Comments
Sorted by latest first Latest Oldest Best
1.In IIS Manager, expand the local computer, and then expand the Web Sites folder. Right-click the Web site or file that you want to protect with SSL, and then click Properties.
2. Under Web site identification, click Advanced.
3. In the Advanced Web site identification box, under Multiple identities for this Web site, verify that the Web site IP address is assigned to port 443 (the default port for secure communications), and then click OK. Optionally, to configure more SSL ports for this Web site, click Add under Multiple identities of this Web site, and then click OK.
4. On the Directory Security tab, under Secure communications, click Edit.
5. In the Secure Communications box, select the Require secure channel (SSL) check box.
When you buy an SSL for a domain name almost all providers will make the cert valid for the www subdomain as well.
Once the SSL is installed all of your site will be available via secure or standard connections. It is possible to make secure connections serve different content for the same URL but this would be highly unusual. You can either direct people to secure connections by simply creating links on your page to the https URL or you can force people with URL rewriting.
There are no SEO problems. Search engines will follow https links and will not see having the same content available over separate protocols as separate instances, no need for canonical tags.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.