Using SSL for non-view scripts only

  • Tip Category - Installation and Upgrading
  • Tip Added By - PaulHarvey - 31 Jul 2009 - 09:17
  • Extensions Used - HttpsRedirectPlugin
  • Useful To - Experts
  • Tip Status - Under Review
  • Related Topics -
The old version of this guide can be found at rev13.

But don't do it: your users will be exposing the same session cookie values they get when editing via https:// whenever they switch back to viewing a topic over http://

Use HttpsRedirectPlugin, ditch IE6 users, and use mod_expires and mod_headers in your apache config to improve SSL performance for your authenticated users over SSL.

-- PaulHarvey - 30 Mar 2010

BestPracticeTipsForm edit

Category Installation and Upgrading
Topic revision: r14 - 30 Mar 2010, PaulHarvey - This page was cached on 24 Nov 2017 - 05:19.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License