[web] E-commerce SSL site design - basic advice needed!

4 comments, last by leiavoia 15 years, 5 months ago
Hey all, I am developing a small-time e-commerce website and I need some advice! We will sell a single product, and we are using PayPal and GoogleCheckout to process the orders. We will not be storing any financially sensitive info on our server.

My problem is that we want to implement SSL protection for the logging-in stage, i.e. the customer has an account with us, and in order to log in and look at their details we want it to be under https. Unfortunately I have no experience with SSL. I have been advised by a friend to purchase an SSL certificate (e.g. Thawte) from our server host. He then said that the best practice is to register another domain name in addition to our current one, e.g. secure.domain.com, and then make all my scripts that need securing be placed under that domain.

Now I have attempted to pre-empt this by developing the website such that all the files that need SSL protection (e.g. login.php) are in a subdirectory off the root called SECURE. Is this useful or will I need completely separate file directories - how will it work from the file system point of view with two domains on the same server? Can they share files (for example, my js and css include files)? Will it be possible to set up my two domains so that I have this secure portion of my website simply covering the files in the /SECURE subdirectory?

I am worried that it is going to become a pain keeping state session of my PHP files between the domains (http and https). Am I just better off protecting the entire website with SSL rather than a few select web pages? Any hints/tips greatly appreciated!
Simply using SSL for the whole site is the easiest. It's a bit more resource intensive, but if you're not constrained on server resources then it's no problem.

I would recommend against serving images and JavaScript from the normal site while the page itself is under SSL. The user will get warnings about "mixed contents".

You cannot put a subdirectory under SSL. You need to put a whole domain under SSL control. On your server, these two sites need to be two separate directories. E.g.

    /var/www/
      unsecured-site/
        images/
        index.php
        ...
      secured-site/
        images/
        index.php
        ...


Of course, you can simply make /var/www/secured-site/images a symlink to /var/www/unsecured-site/images.

I don't think that "standard" PHP sessions are shared between the secured site and the unsecured site. So, after logging in you will need to pass the result of the login action from the non-secured site to the secured site yourself. Another option is to simply use a different session system (written in PHP/MySQL for example) that is able to share sessions between the two domains.

Hope this helps!

Sander Marechal

That does indeed help, thank you Sander :)

I am aware of the messages and warnings you get with sites containing mixed content; it looks unprofessional and potentially unsafe, so I definitely want to avoid that.

The one option to make the whole site SSL is actually looking pretty good to me to be honest. I have a managed server just for this website, so I don't think it will be too resource intensive for us. Can you think of any other disadvantages for the whole site being under SSL? Could this actually put people off?

This SymLink thing also sounds interesting - potentially it's not a big problem to duplicate a few images and files and just have them separate, but I suppose this would mean the user would have to download, for example, our logo image twice, since it is a different file.

Would the SymLink solution mean users wouldn't get the warning messages?




Yes. If you symlink the image directory (and JavaScript directory, etcetera) from the non-secured site to the secured site then users would not get any warnings about mixed contents, while all the images are still only on your server once. Your visitors would download them all twice though, since to a browser the URL for the image would be different.

Sander Marechal

Cheers, Sander. The world needs more selfless people like you :)

[Those with 1337er Apache config knowledge may correct me]

The site I'm working on has a /secure subfolder. You can make Apache enforce SSL connections to a specific subdir. You can also connect to any other web page on the domain in HTTPS mode and get a secure connection simply by adding the "S" in the protocol. However, for this one subdir, I've told Apache to require HTTPS.

So I toss my login script, secure login page, checkout, and payment pages in /secure and it works fine.

One annoyance is the "moving from an unsecure page to a secure page" warning. This affects even big sites like Yahoo. You can put a regular login box on a regular page and have the ACTION be an HTTPS page, but it will throw the warning when you click submit. But since we need to have a login box on the front page (period!), there is an additional "secure login" link for the security-paranoid which goes to a dedicated HTTPS login page.
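
The arrangement described in the post above (one domain, with Apache requiring HTTPS for a single subdirectory), written out as an added example that is not part of the original thread. The hostname, document root and certificate paths are placeholders, and it assumes mod_ssl and mod_alias are loaded and the server listens on ports 80 and 443.

```apache
# Added example. www.example.com, /var/www/site and the certificate
# paths are placeholders, not values from the thread.

# Plain-HTTP virtual host: serves the public pages only.
<VirtualHost *:80>
    ServerName www.example.com
    DocumentRoot /var/www/site

    # Any plain-HTTP request for /secure is sent to the HTTPS URL
    # instead of being served (mod_alias).
    Redirect permanent /secure https://www.example.com/secure
</VirtualHost>

# HTTPS virtual host: same DocumentRoot, so images, CSS and JavaScript
# are the same files on disk. Pages under /secure should reference them
# with relative or https:// URLs so the browser loads nothing over
# plain HTTP and raises no mixed-content warning.
<VirtualHost *:443>
    ServerName www.example.com
    DocumentRoot /var/www/site

    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/www.example.com.crt
    SSLCertificateKeyFile /etc/ssl/private/www.example.com.key
</VirtualHost>

# Backstop for both virtual hosts: refuse (403 Forbidden) any request
# for this directory that did not arrive over SSL/TLS (mod_ssl).
# It still protects /secure if the redirect above is ever removed.
<Directory "/var/www/site/secure">
    SSLRequireSSL
</Directory>
```

After reloading Apache, a plain-HTTP request for a page under /secure should return a 301 pointing at the https:// URL, which is a quick way to confirm the rule is active.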
