Hello experts, help me on SSL please. i need to install SSL certificate on Cent OS. i know the way how to install the SSL certificate via DirectAdmin but the question is how am i suppose to make my site to run using the SSL e.g. https:// basically i need some of page from my site must be working via the SSL installed private links such as these link below must works using SSL installed http://www.mydomain.com/register.php http://www.mydomain.com/login.php http://www.mydomain.com/payment.php http://www.myaccount.com/myaccount.php to similer like below. https://www.mydomain.com/register.php https://www.mydomain.com/login.php https://www.mydomain.com/payment.php https://www.myaccount.com/myaccount.php i dont have clue how am i suppose to make these to work like i listed above. so could you tell me how am i suppose to install step by step to atchive like which explained above. could you help me how to install properly. thank you.
i am using DirectAdmin and there is a option for to install SSL in DirectAdmin. the problem and the aswer i need is regarding on the enforce https:// for some of the file pages such as register page, login page, payment page and my account page. other than all other page must work with out https://
if you install a SSL cert on your domain www.domain.com then all file under www.domain.com/MY FILE.HTML will be securd. but will not for subdomain.domain.com/
so is this mean that once i installed SSL in http://www.mydomain.co.uk and when ever i try to go my website e.g. http://www.mydomain.co.uk http://www.mydomain.co.uk/register.php http://www.mydomain.co.uk/login.php etc... it will automatically load as https://www.mydomain.co.uk https://www.mydomain.co.uk/register.php https://www.mydomain.co.uk/login.php ??? or do i have to do something else?
You can do it using .htaccess rule. Just add following rules in your .htaccess: RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} Kailash
thank you DnHype for your information DnHype, you said that can be do by redirection right, can you give me a example please. thx and kailash thank you too but if i am using the .htaccess which you gave, it make all the page go with https:// rights? i am looking for just few file should be go with https:// and all other should be function is normal http:// the https:// only function to 4 files 1.) register page e.g. https://www.mydomain.co.uk/register.php 2.) Login page e.g. https://www.mydomain.co.uk/login.php 3.) Payment page e.g. https://www.mydomain.co.uk/payment.php 4.) My Account page e.g. https://www.mydomain.co.uk/myaccount.php restfiles, i think almost 60 other page files which should be works as normal link e.g. 1.) http://www.mydomain.co.uk 2.) http://www.mydomain.co.uk/help.php 3.) http://www.mydomain.co.uk/aountus.php 4.) http://www.mydomain.co.uk/contactus.php 5.) http://www.mydomain.co.uk/category.php and so on, etc... so with having a .htaccess rule, i dont think i can atchive what i am looking for right? or will i able?
Let say you ALLWAY want to make your user log in secure way then on your http://www.mydomaine.com/login.php you can add php redirection like this on top of pages
Alternatively, you can modify kailash's directions like this: RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} register.php RewriteCond %{REQUEST_URI} login.php RewriteCond %{REQUEST_URI} payment.php RewriteCond %{REQUEST_URI} myaccount.php RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301] Code (markup): This will mean that anybody who requests these four pages on the non-SSL version will be redirected to the SSL version. The only thing you have to be careful of here is that if you can login from any page by POSTing the username and password to login.php that you should change the form action to the https:// version of your website. If you can only login from the login.php page then you have nothing to worry about. If you find that your visitors stay on the SSL version after logging in (which will happen if your website uses relative links rather than absolute links) you can add this to the .htaccess file (or httpd.conf file) so that it will send them back to the non-SSL version if SSL is not required. RewriteCond %{HTTPS} on RewriteCond %{REQUEST_URI} !register.php RewriteCond %{REQUEST_URI} !login.php RewriteCond %{REQUEST_URI} !payment.php RewriteCond %{REQUEST_URI} !myaccount.php RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301] Code (markup): That said, there's no harm in having an entirely SSL website. It causes a little extra CPU work to calculate the encryption on both your end and your visitor's end but with the speed of CPUs these days it will be not noticeable to them and only noticeable to you if you have a lot of traffic (upwards of 100,000 uniques per day).