Page 1 of 1
https vs http, what is the difference?
Posted: Thu Mar 22, 2007 3:43 pm
by crazytopu
One of my clients is asking if it is more secure if we use https rather than http protocol. As I am aware of it comes handy when your site is processing payment. But for my client I am using paypal to accept payment which means the members are sent to paypal for payment processing and once they make payment they are sent back to the site. Therefore,security is not a big issue for my client's site. Right?
Can anyone tell me more if you know.
Posted: Thu Mar 22, 2007 3:55 pm
by Luke
Posted: Thu Mar 22, 2007 3:57 pm
by crazytopu
The link doesnot work, but I read something on wiki
Posted: Thu Mar 22, 2007 3:59 pm
by Luke
fixed
Posted: Thu Mar 22, 2007 4:07 pm
by feyd
What on Earth does this thread have to do with Graphics?
Posted: Thu Mar 22, 2007 4:09 pm
by crazytopu
I am sooo sorry Fyed, that was a complete mismatch, I thought i selected General forum...
I am really sorry.
Posted: Thu Mar 22, 2007 5:11 pm
by Kieran Huggins
I don't bother with HTTPS when I use paypal as a gateway
Posted: Thu Mar 22, 2007 6:08 pm
by RobertGonzalez
If any information is passed to your server at all before it gets to the processor, you need HTTPS. I won't even consider entering any personal information into a web form if it is not HTTPS.
Posted: Thu Mar 22, 2007 6:18 pm
by crazytopu
You mean not even your name and address, phone no?
Why is that? how it is relevant with a secure site when you are not entering any payment information.
I am going to show this post to my client and based on your input he will decide wheather to go for https or http.
So a little clarification will help a lot.
Posted: Thu Mar 22, 2007 6:34 pm
by RobertGonzalez
Name and address information can be used to spoof identities. I will, on ocassion, enter my email address and name, but seldom will I enter personal contact information on a site unless I know for sure that the site is trustworthy (under my management, run by someone I know, run by a company with a secure history). Under no circumstance will I enter vitals (SSN, CC data, etc) on a site that is not HTTPS.
Posted: Thu Mar 22, 2007 6:50 pm
by alvinphp
HTTPS is much more secure. I recommend you try it once because it is easy to setup and you will then have a much better idea of how it works.