I want to make a secure login page for my site, but I no nothing of building and HTTPs page, or what it involves. Could someone point me to a good hot-to or something. Or if it isn't that difficult, maybe someone could explain it here? Thanks for any help!
You don't need to do anything special in your PHP to use https, just make sure that your scripts are served from a https URL - e.g. your login form uses something like: <form action="post" method="https://www.example.com/login.php> Code (markup):
Ok, that makes sense. So do I need to get another domain? I have a shared server with lunarpages, do they normally provide secure pages with the package?
you need to buy a ssl cert for a encrypted login i.e https if you want to secure acess to a direcotr there are simpler options such as htpswd files which you can confiure under cpanel look for somthing like "restrict directories" hope it helps
For a simple login you don't really need SSL - there are lots of big sites out there which don't use it, this forum is just one example. You only need SSL if you're processing sensitive information, such as credit card or bank details.
Hmm, could you explain a little more? How do I use SSL, or where do I get it? Is it as simple as just using different code? In the mean time, I'll be researching SSL, thanks for everyones help. I am hoping to get a secure login without much hassle.
You don't need to do anything in your PHP code to use SSL, except to ensure that the relevant scripts are served up from URLs with a https:// prefix rather than http://. If you want to use SSL, you need a dedicated IP address for each host because of the way SSL connections are handled (if you want more detail on why, Google and Wikipedia are your friends ). You'll also need an SSL certificate, which you can get in one of two ways: 1. Generate your own. This is free but won't be recognised by the major browsers, so anyone coming to your site will get an error message saying that the SSL certificate cannot be trusted by default. 2. Buy a certificate from one of the signing authorities - there are lots of companies offering this service, such as GoDaddy. I haven't used any of them myself, so can't recommend any particular company, but this will get you a certificate which doesn't throw up an error in the browser when you view the SSL-enabled site. In terms of cost, you're looking at anything from $19.99 per year up to however much you want to pay.