You are here: Foswiki>Support Web>SSLForNonViewScriptsOnly (30 Mar 2010, PaulHarvey) Edit this topic text (e) Attach an image or document to this topic; manage existing attachments (a) View sequential topic history View without formatting (v) Create new topic Printable version of this topic (p) More: delete or rename this topic; set parent topic; view and compare revisions (m)

Using SSL for non-view scripts only

  • Tip Category - Installation and Upgrading
  • Tip Added By - PaulHarvey - 31 Jul 2009 - 09:17
  • Extensions Used - HttpsRedirectPlugin
  • Useful To - Experts
  • Tip Status - Under Review
  • Related Topics -
The old version of this guide can be found at rev13.

But don't do it: your users will be exposing the same session cookie values they get when editing via https:// whenever they switch back to viewing a topic over http://

Use HttpsRedirectPlugin, ditch IE6 users, and use mod_expires and mod_headers in your apache config to improve SSL performance for your authenticated users over SSL.

-- PaulHarvey - 30 Mar 2010

BestPracticeTipsForm edit

Category Installation and Upgrading
Edit | Attach | Print version | History: r14 < r13 < r12 < r11 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r14 - 30 Mar 2010, PaulHarvey
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons LicenseGet Foswiki at sourceforge.net. Fast, secure and Free Open Source software downloads