SSL was added on, now what?

bsc1052 · #1 09-04-2007, 12:46 AM

Hi,

I developed my site using Soholaunch and have been looking and trying to figure out how to get some of my pages secured and not others. The certificate was installed I was told. I was also told just to add an "s" after the "http" on the pages I want secured....the problem is, I have no idea how to do this. I don't see anywhere on the Main menu or in the Control panel where I can do this.

For example, on the Contact Us page, if I want that secured, how can I get it to be on a secured page?

Thank you for any help you can offer!
Beth

http://kbcounseling.com

Karen Mac · #2 09-04-2007, 02:12 AM

Beth

In the shopping cart menu, payment methods, at the bottom there, just before the credit cards soho asks for the path to the ssl so it knows where to process the cards. this is where you put the https:// followed by your domain name.

Im not sure you want your contact page on the https .. why would you? It wont MAKE IT SECURE. The ssl only makes information traveling from one computer to your site secure, or info from your site to the credit card processer secure.

Karen

bsc1052 · #3 09-04-2007, 03:42 AM

Karen,
Thank you for answering...maybe I am not understanding the SSL certificate the way I thought I did. I am new to all of this and have my hands full at home right now so I apologize bc I don't think I explained it fully enough what I want to do.
On the site, there is also an assessment form, this would contain personal information for people to fill out. When they submit that, it goes to the site's email account. I was hoping by having the SSL on pages like that, the transmission would be more secure. So, I don't need it linked to the shopping cart, because that goes through PayPal, I was more concerned about the personal information being kept as secure as possible.
Should I have handled this another way? And if the SSL will cover that need, is there a way to have it on a page that contains a form?
Thank you again for your help!
Beth

http://kbcounseling.com

navaldesign · #4 09-04-2007, 11:52 PM

An SSL certificate is only a way to encrypt the data transfer between your site and the visitor. So, yes, under this point of view, the info they send you through the form, cannot be captured.
However, if this form that recieves the info, then sends you an email, this tansfer (the email) is NOT secure.

The problem can be solved in two ways:

1. By using a public key encryption also for the mails. This is rather hard, but not impossible. You just need to read a little as to which code (in the form processing script) can do this job.

2. By NOT sending emails. The data is NOT sent to you by email. Just a notification email that does NOT contain the info the visitor has sent you, as well as a link to your database interface (you need one) to openup a page in your site where this info appears. Since you have the SSL, the data transfer from the database to your own desktop, is secure. However, this way requires a database interface (in order to be able to see - search - delete mails recieved) as well as a script that will store the info in the database and send you the notification email.

Karen Mac · #5 09-05-2007, 05:48 PM

In Soho you can make an additonal form in the cart and require the data from the form to become part of the order and secure it this way as it goes into the database as Naval suggests. If its not part of what you are selling and just a sign up of sorts, then you will need to have one developed by General Naval there and linked to from your soho and create a seperate database for it.

Karen

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)