Welcome Guest, Not a member yet? Register   Sign In
how to make few pages secure using SSL?
#1

[eluser]Nagabhushana[/eluser]
please help me,

how to make few pages secure using SSL? I want use digital certificate to process credit card info.
#2

[eluser]Negligence[/eluser]
Use Google -- there are thousands of resources out there for you to use. This doesn't have anything to do with CI.
#3

[eluser]Vik[/eluser]
Can you provide some additional info? My web host states that:

> All secure files need to be uploaded to the /domains/domain.com/private_html directory

...but CI looks for view files in the normal views directory, which is not in the private_html, or https, folder.

What is the correct way to coordinate CI with SSL?

Thanks in advance for any info.
#4

[eluser]kevinprince[/eluser]
To setup SSL, its not a hard process your hosting company needs to provide your account firstly with a dedicated IP address and the SSL setup.

Your certificate can be purchased from several providers, I use http://www.positivessl.com/ for public facing sites and generate my own certificates for internal ones.

Once you have setup this. You would need to run a complete copy of your CI application into the secure directory, and then forward everyone going to http to https automatically.

Dont forget to make sure you connection to your MYSQL database is secure and encrypted also, and that you dont store RAW cc data in it.

You can not be selective in a framework such as CI what pages go via https://
#5

[eluser]Vik[/eluser]
Thanks for the info. I looked into this further. My web host, MediaLayer, uses a symbolic link so the same folder can be used for http and for https. So now, if I use https:// in the URL, the page is secured.
#6

[eluser]Rick Jolly[/eluser]
[quote author="nextgengames" date="1199471154"]
You can not be selective in a framework such as CI what pages go via https://[/quote]
Nonsense.
#7

[eluser]Vik[/eluser]
Rick, what method do you use for getting certain CI views to go to https? I've tried many of the .htaccess methods in this forum, and I haven't been able to get it right yet for my site - I keep getting errors such as "too many redirects" or "page not found."
#8

[eluser]Rick Jolly[/eluser]
If a secure page is requested with http instead of https, you can do the redirect to https in htaccess or as early as possible in your code (the constructor of your controller is a good place).

EDIT:
For an example of the .htaccess method see here:
http://ellislab.com/forums/viewthread/48344/#335857

For an example of the code method see here:
http://ellislab.com/forums/viewthread/48344/#233552
#9

[eluser]Vik[/eluser]
I saw that thread - so the hooks approach is viable? Someone in that thread was saying it was better to use htaccess - but for me, the hooks approach is probably better, because I only want to use https for certain views, rather than for a whole controller.

I probably could devote a controller to my secure pages, but now that I've heard from you that the hooks approach works, I can use that. Thanks!
#10

[eluser]Vik[/eluser]
I'm trying it out, and I'm getting an error message:

Quote:A PHP Error was encountered

Severity: Warning

Message: Cannot modify header information - headers already sent by (output started at /Applications/MAMP/htdocs/system/application/hooks/https.php:11)

Filename: hooks/https.php

Line Number: 7

Have you encountered this before? Do you know how to fix it by any chance?

I posted the details of my setup in the thread you linked.




Theme © iAndrew 2016 - Forum software by © MyBB