Jump to content

How Do I Force Use Of Https For My Login Page?

Recommended Posts

I submitted a ticket, but the help desk said that some of my questions were outside of their scope. The remaining questions are:


1. Can I use a shared secure URL to access a subdomain on my site, i.e. the web pages I'm developing are in swchoir.sylvesterbradley.org, the files that this subdomain refers to are in /home/sylvest/swchoir (i.e. not within public_html).


2. I have a login page on my website called index.php. Presumably I don't need to encrypt this since it contains no confidential information. I need to encrypt the response to this, which is a URL like swchoir.sylvesterbradley.org/do_login.php. Can I get this encrypted by simply setting my form action property to "https://swchoir.sylv.../do_login.php".


3. Do I have to do anything else to enable the encryption, or does the use of the https protocol enable all the necessary encryption on the client and decryption on the server?


4. How do I prevent people from accessing this page by using the URL http://swchoir.sylve...rg/do_login.php?


5. Does it matter whether I use method GET or POST for the login form?


Thanks for your help.


Edited by TCH-Thomas
See follow up post
Link to post
Share on other sites



Thanks for doing this. Ideally I would like to have the preceding two messages included in the forum, because I think to fully understand what I am asking people will need to have read these. That is why I included them in the file.


Thanks - Rowan

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...