Secure Server Usage (https / SSL)
Posted by SITEWORKS SYS on 11 November 2005 03:40 AM
With the advent of affordable and easy to install personalized secure certificates, I highly recommend that clients obtain their own unique cert to further promote the security of their site for commerce transactions.
Turbo SSL, $27.95 per year
RapidSSL, $69.00 per year
RapidSSL by Flexi,ï¿½ $24.00 per year
*SPECIAL* Through special arrangement, we can obtain a genuine "RapidSSL, Equifax Secure Global eBusiness CA-1" certificate on your behalf for only $20.00 per year. Because we have to obtain this low price through a company that offers competitive hosting, we will not post the URL.
Secure Server Order Forms Normally, any text (such as your credit card number) sent from your browser to the web server is sent as plain text. This means that a hacker could potentially intercept (however unlikely) the information sent from your browser and read it. However, by using the secure server, the information is encrypted before it is sent from your browser. It would be practically impossible for anyone to decrypt it without knowing the key. Please use the secure server only when necessary, as when requesting sensitive information from your visitors.
Each server has its own safe-order site, and although you will be putting your form on your own domain, it must be called through the safe-order server in order for the form to be secure.
** You cannot use Frontpage forms processing via the secure server
To do this, create your form as usual and put it somewhere in your www directory. You can put your form anywhere you want to, but for this example, let's assume the normal URL for your form can be accessed from a browser with this URL:
To call the form through the secure-order server, you need to use the following URL to access your pages via the secure server (even though your form resides on your own domain space):
To call scripts in your cgi-bin via the secure server you should use a URL like this:
Special instructions for using FormMail.cgi with the Secure Server
It is still important that you call your order page through a secure URL in order for it to work properly. You must use:
Cgiwrap--Secure Server CGI Wrapper Your domain includes secure server access, allowing you to collect customer information in a secure fashion. Since you might also want to run a cgi program in secure mode, we make available Cgiwrap - a system that allows safe, secure use of cgi programs. We have created a sort short cut for this as well. When you want to use a cgi script or program in secure mode, you must change the URL to follow this format:
Machine - that is the machine name that is hosting your domain.