Page 1 of 1
How to execute php page with ssl rules
Posted: Thu Oct 22, 2009 2:32 am
by shafiq2626
Hello to every one
i purchased ssl for my website. now i want to run specifice php page with https links.
Or that page only must be execute with
https://abc.com/somepage.php.
As other page execute like
http://abc.com/othepage.php.
please help me to solve this problem.
thanks
Re: How to execute php page with ssl rules
Posted: Sat Oct 24, 2009 5:43 am
by kaisellgren
Either use .htaccess, or PHP code similar to this:
Code: Select all
function isHttps()
{
if (strtolower($_SERVER["HTTPS"]) == "on") // IIS
return true;
elseif ($_SERVER["HTTPS"] == 1) // Most web servers
return true;
elseif ($_SERVER['SERVER_PORT'] == 443) // Others
return true;
else
return false;
}
If it's not HTTPS, then redirect.
Re: How to execute php page with ssl rules
Posted: Tue Nov 03, 2009 11:37 pm
by flying_circus
kaisellgren wrote:Code: Select all
function isHttps()
{
if (strtolower($_SERVER["HTTPS"]) == "on") // IIS
return true;
elseif ($_SERVER["HTTPS"] == 1) // Most web servers
return true;
elseif ($_SERVER['SERVER_PORT'] == 443) // Others
return true;
else
return false;
}
Hey Kai,
I've been thinking about this piece of code for a bit. Is there a reason you dont just test for the server port in the first place?
Why bother checking for $_SERVER['HTTPS'] = on || 1?
I have an idea of why you would do that, but I'd rather hear your rationale.
Re: How to execute php page with ssl rules
Posted: Wed Nov 04, 2009 1:05 am
by kaisellgren
Because the port might be different. It's unlikely to happen and it would require the client to know the port, but it's still possible.
Re: How to execute php page with ssl rules
Posted: Fri Nov 06, 2009 3:08 pm
by flying_circus
kaisellgren wrote:Because the port might be different. It's unlikely to happen and it would require the client to know the port, but it's still possible.
That's what I figured. Would I be wrong to think that if the https port was OTHER than 443, then your script would return a false positive on "Others" web servers? The client wouldn't necessarily have to know the port if he followed a link.
I agree, it's not practical, but maybe possible.
Re: How to execute php page with ssl rules
Posted: Sat Nov 07, 2009 4:46 am
by kaisellgren
flying_circus wrote: if the https port was OTHER than 443, then your script would return a false positive on "Others" web servers?
It would give a false positive. That's why web servers not giving any details about the protocol are not considered safe in today's standards.
Re: How to execute php page with ssl rules
Posted: Thu Dec 17, 2009 1:49 am
by shafiq2626
Hi!
Thanks a lot
kaisellgren wrote:Either use .htaccess, or PHP code similar to this:
Code: Select all
function isHttps()
{
if (strtolower($_SERVER["HTTPS"]) == "on") // IIS
return true;
elseif ($_SERVER["HTTPS"] == 1) // Most web servers
return true;
elseif ($_SERVER['SERVER_PORT'] == 443) // Others
return true;
else
return false;
}
If it's not HTTPS, then redirect.