I have installed Secure Certificate on my domain name.. Now, my it runs fine as https://<sitename.. but it also works on http://<sitename>.. which, I think.. it should not.. do I have to do something for that or is it fine if it works as http://
It's ok if http works too. If your user's are stupid enough to submit important data unencrypted, they deserve to be r00ted nah, just use some server side language to check for https, and if it's not defined, refresh the page to https. It'd be easy in coldfusion. <cfif IsDefined("ssl")> <cflocation url="https://site.com/secretinfo.cfm"> <cfelse> <cflocation url="http://site.com/notencrypted.cfm"> </cfif> something along those lines...