|
|
|
|
12-22-2004, 06:23 PM
|
#1 |
http and https
I am going to have a https protocol in a short time.
Now the question is: do you think that it would be better to have the same pages both in http and https? Or redirect all the pages into https? Which are the main advantages and disadvantage of the 2 options in your opinion? -- Luigi ( un italiano che vive in Svezia) http://www.scaiecat-spa-gigi.com/de/...ikel-1168.html Luigi Donatello Asero |
|
|
|
12-22-2004, 06:44 PM
|
#2 |
|
Posts: n/a
|
Re: http and https
On Wed, 22 Dec 2004 18:23:01 GMT, "Luigi Donatello Asero"
<> wrote: >do you think that it would be better to have the same pages both in http and >https? No. >Or redirect all the pages into https? Not unless all your traffic contains sensitive data. Have transactions that will contains secure data use https and transactions that won't use http. >Which are the main advantages and disadvantage of the 2 options in your >opinion? https: secure. http: cacheable, faster. Steve |
|
|
|
12-22-2004, 06:53 PM
|
#3 |
|
Posts: n/a
|
Re: http and https
"Steve Pugh" <> skrev i meddelandet news:... > On Wed, 22 Dec 2004 18:23:01 GMT, "Luigi Donatello Asero" > <> wrote: > > >do you think that it would be better to have the same pages both in http and > >https? > > No. > > >Or redirect all the pages into https? > > Not unless all your traffic contains sensitive data. > > Have transactions that will contains secure data use https and > transactions that won't use http. > > >Which are the main advantages and disadvantage of the 2 options in your > >opinion? > > https: secure. > http: cacheable, faster. Do you mean that https pages are not indexed by search engines? -- Luigi ( un italiano che vive in Svezia) http://www.scaiecat-spa-gigi.com/de/...ikel-1168.html |
|
|
|
12-22-2004, 07:20 PM
|
#4 |
|
Posts: n/a
|
Re: http and https
"Luigi Donatello Asero" <> wrote:
>"Steve Pugh" <> skrev i meddelandet >news:.. . >> "Luigi Donatello Asero" <> wrote: >> >> >Which are the main advantages and disadvantage of the 2 options in your >> >opinion? >> >> https: secure. >> http: cacheable, faster. > >Do you mean that https pages are not indexed by search engines? No I don't mean that. I meant what I said, nothing more. https pages are indexed by search engines (Google for https and look at the URL of the third result). Steve |
|
|
|
12-22-2004, 08:33 PM
|
#5 |
|
Posts: n/a
|
Re: http and https
>> do you think that it would be better to have the same pages both in
http and https? No. Why do you want to do that ? Only put the area of the site that has the senstive data behind the ssl. Every time you huit a page under the ssl the server has to encrypt and decrypt your pages which affects your client's speed considerably. Not to mention people that have that "You're going to a secure page" pop up box enabled. Only apply it where necessary - like the registraiotn pages, or credit submission, etc. There is no need to duplicate the pages if for some reason you *must* have the enitre site behind ssl - but I can't imagine why you'd want this. If you mention what you're trying to accomplish we may be able to help more. |
|
|
|
12-22-2004, 08:41 PM
|
#6 |
|
Posts: n/a
|
Re: http and https
Luigi Donatello Asero wrote:
> do you think that it would be better to have the same pages both in > http and https? Or redirect all the pages into https? Neither. The only pages that you need to have in https are the ones that contain sensitive data such as credit card payment details etc. So I would just put these pages there as well as any images that are on those pages. -- Dylan Parry http://webpageworkshop.co.uk -- FREE Web tutorials and references |
|
|
|
12-22-2004, 09:58 PM
|
#7 |
|
Posts: n/a
|
Re: http and https
<> skrev i meddelandet news: ups.com... > >> do you think that it would be better to have the same pages both in > http and https? > > No. Why do you want to do that ? > > Only put the area of the site that has the senstive data behind the > ssl. Every time you huit a page under the ssl the server has to encrypt > and decrypt your pages which affects your client's speed considerably. > Not to mention people that have that "You're going to a secure page" > pop up box enabled. > > Only apply it where necessary - like the registraiotn pages, or credit > submission, etc. > > There is no need to duplicate the pages if for some reason you *must* > have the enitre site behind ssl - but I can't imagine why you'd want > this. > > If you mention what you're trying to accomplish we may be able to help > more. How can I grant that photo which shows a certain product which is on a http page really comes from my website? If the customer has to make a choice, that means whether he or she buys it, even on the grounds of this photo, it should be on a safe page, shouldn´t it? But, in fact, many pages which I have on the website have photos, they are sometimes photos which show shoes, other times for example holidays lodgings which I show to offer my intermediation for rent to tourists. So, the question is whether all these photos must be regarded as a part of the offer and be placed on safe pages (https) -- Luigi ( un italiano che vive in Svezia) http://www.scaiecat-spa-gigi.com/de/...ikel-1168.html |
|
|
|
12-22-2004, 10:07 PM
|
#8 |
|
Posts: n/a
|
Re: http and https
The other option would be not to consider the photos as part of the offer and may-be let customers print them and send me by snail-post to let me know which photo they refer to. I could answer their inquiry and confirm their order if I want to. In this case the customer would do the proposal to acquire and I would accept or reject it. It sounds as the second option is safer. -- Luigi ( un italiano che vive in Svezia) http://www.scaiecat-spa-gigi.com/de/...ikel-1168.html |
|
|
|
12-22-2004, 10:15 PM
|
#9 |
|
Posts: n/a
|
Re: http and https
"Luigi Donatello Asero" <> wrote:
>How can I grant that photo which shows a certain product which is on a http >page really comes from my website? A user can check the photo's properties to see that it comes from your server. That has got nothing to do with https vs http. >If the customer has to make a choice, that means whether he or she buys it, >even on the grounds of this photo, it should be on a safe page, shouldn´t >it? No. >But, in fact, many pages which I have on the website have photos, they are >sometimes photos which show shoes, other times for example holidays lodgings >which I show to offer my intermediation for rent to tourists. Are you saying that you would refuse to buy from amazon because the cover pics for the books aren't on a secure server? >So, the question is whether all these photos must be regarded as a part of >the offer and be placed on safe pages (https) No. https has nothing to do with offering guarantee about the quality of information on a web site. It is solely concerened with securing the transfer of information between the browser and the server. It's a technical solution to the problem of possible interception of http requests, that's all. Steve |
|
|
|
12-22-2004, 10:16 PM
|
#10 |
|
Posts: n/a
|
Re: http and https
Luigi Donatello Asero wrote:
> <> skrev i meddelandet > news: ups.com... > >>>>do you think that it would be better to have the same pages both in >> >>http and https? >> >>No. Why do you want to do that ? >> >>Only put the area of the site that has the senstive data behind the >>ssl. Every time you huit a page under the ssl the server has to encrypt >>and decrypt your pages which affects your client's speed considerably. >>Not to mention people that have that "You're going to a secure page" >>pop up box enabled. >> >>Only apply it where necessary - like the registraiotn pages, or credit >>submission, etc. >> >>There is no need to duplicate the pages if for some reason you *must* >>have the enitre site behind ssl - but I can't imagine why you'd want >>this. >> >>If you mention what you're trying to accomplish we may be able to help >>more. > > > How can I grant that photo which shows a certain product which is on a http > page really comes from my website? > If the customer has to make a choice, that means whether he or she buys it, > even on the grounds of this photo, it should be on a safe page, shouldn´t > it? > But, in fact, many pages which I have on the website have photos, they are > sometimes photos which show shoes, other times for example holidays lodgings > which I show to offer my intermediation for rent to tourists. > So, the question is whether all these photos must be regarded as a part of > the offer and be placed on safe pages (https) > That sounds like overkill to me. You're implying that a hacker (or wierdo) might, for some reason, intercept a transmission from your site to a user and replace an image (or the HTML link) of a holiday destination with a different one? Oli |
|
|
