Results 1 to 4 of 4
  1. #1
    Newbie
    Join Date
    February 14th, 2011
    Posts
    2
    Question regarding https & forms
    One of the sites that I operate contains rather extensive forms completed by clients and I also have an SSL certificate in place.

    The site is using .php files but since I am not an experienced programmer, could someone please guide me in the direction necessary to be able to have these pages as https and not get an SSL error saying the transmission is not secure.

    How can I set this up so the forms transmit securely to set clients' minds at ease? I am about to do a complete redesign of the site and I might as well work this into the equation properly

    Many thanks
    DCM

  2. #2
    ...and a Pirate's heart. Convergence's Avatar
    Join Date
    June 24th, 2005
    Posts
    6,918
    Being a php page doesn't make the page not secure. It's the content on the page, IE: if you have images that are being referenced from a non-secure URL.

    If the images are on the same domain as the form, trying using a relative URL versus the actual URL.

    Relative:
    Code:
    <img src="http://www.abestweb.com/forums/images/image-name.ext">
    Actual:
    Code:
    <img src="http://www.some-website.ext/images/image-name.ext">
    If the images are not on the same domain, then the images have to be on a site that has an SSL cert.
    Last edited by Convergence; March 22nd, 2011 at 04:31 PM.
    Salty kisses, Sandy toes, and a Pirate's heart...

  3. #3
    Full Member Lanny's Avatar
    Join Date
    April 7th, 2010
    Location
    Deep South
    Posts
    330
    subdomain for secure web pages
    Welcome to ABW! First, the disclaimer: I am *not* an expert at this. However, I spent several hours, this morning, working on a Secure web page with a Feedback Form on it, for one of my web sites.

    I believe you should have any web pages you want to be secure (Encrypted transmisssion from the web browser of the person filling out your forms to your web server) in a subdomain. For example the name of your subdomain might be secure or ssl:

    secure.example.com or ssl.example.com

    Put your secure web pages in there.

    Upload your PHP Script and the web pages that are to be Secure, to the subdomain.

    If for example, you have a web page there, with a feedback form on it that is called feedback.htm you would address it in a web browser like this:

    https://secure.example.com/feedback.htm

    You need to be very careful what you put onto that web page, or your visitors might get a warning from their web browser that part(s) of the web page are not secure. I see that, very frequently, on web sites I visit.

    For that reason, I am not, at this time, putting a ReCAPTCHA on my Feedback form.
    That is harder to accomplish, without getting a warning, that part of the web page is not secure. I hope, in the future, to be able to put a ReCAPTCHA on the web page with my Feedback Form, without getting a browser warning, but that will take time and may not be possible.

    Remember to RENEW your SSL cert and UPDATE the installation on your web server, BEFORE your SSL cert expires, or, your site visitors will get nasty messages, that may scare them off.

    It might be that you need to have your SSL cert reissued, to cover the Subdomain.

    I got my SSL cert Free, from StartCom Free SSL Certification Authority and have 256 bit encryption. The I.R.S. web site, with information about income tax refunds, only has 128 bit encryption.....
    HTH

  4. #4
    ...and a Pirate's heart. Convergence's Avatar
    Join Date
    June 24th, 2005
    Posts
    6,918
    Quote Originally Posted by Convergence View Post
    Being a php page doesn't make the page not secure. It's the content on the page, IE: if you have images that are being referenced from a non-secure URL.

    If the images are on the same domain as the form, trying using a relative URL versus the actual URL.

    Relative:
    Code:
    <img src="http://www.abestweb.com/forums/images/image-name.ext">
    Actual:
    Code:
    <img src="http://www.some-website.ext/images/image-name.ext">
    If the images are not on the same domain, then the images have to be on a site that has an SSL cert.
    Stupid forum software rewrote my sample code...

    Relative:
    Code:
    <img src=" images/image-name.ext">
    No space between " and images
    Last edited by Convergence; March 22nd, 2011 at 11:11 PM.
    Salty kisses, Sandy toes, and a Pirate's heart...

  5. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Question about ASP and forms
    By Eric Ewe in forum Programming / Datafeeds / Tools
    Replies: 1
    Last Post: May 21st, 2010, 12:46 AM
  2. CoReg Path Forms Question
    By CoolAffiliate in forum Programming / Datafeeds / Tools
    Replies: 0
    Last Post: February 24th, 2007, 12:34 PM
  3. Webmerge and forms question
    By thealarmtech in forum WebMerge (Fourthworld.com)
    Replies: 2
    Last Post: March 16th, 2006, 04:19 PM
  4. Another Forms Question
    By Raven Snow in forum Programming / Datafeeds / Tools
    Replies: 1
    Last Post: February 6th, 2003, 08:25 PM
  5. Question about forms
    By bghtn in forum Programming / Datafeeds / Tools
    Replies: 0
    Last Post: January 3rd, 2003, 05:00 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •