Rockdale
VP-CART New User
USA
76 Posts |
Posted - November 28 2003 : 22:18:41
|
I just bought a ssl certificate for my site. I'm looking for any file in the cart, an asp file, where changes are made to change http to https for the entire site. My customers are mostly older looking for a secure site. Even though the credit card part is secure, I get customers calling, wanting to leave an order. In most cases it is a large order. I ask why. They say they looked for the lock or the https and didn't feel comfotable enough to order. They never got to the credit card secured processing area.
How do I get the whole site to use https. Every url needs to be an absolute not a half a url. It needs to have the https. Otherwise the popup comes up on everypage saying that not all items are secure. Pictures etc. Any answers?
Michael Kelley |
|
jonmadrid
VP-CART New User
USA
192 Posts |
Posted - November 29 2003 : 16:49:19
|
Michael,
Well, first of all, you can actually browse without the SSL until it comes time for checkout/payment and not have to worry about errors. In the case of the images, just use the relative path, rather than the absolute path: "/mystore/images/products/myPic1.jpg" instead of "http://www.mysite.com/mystore/images/products/myPic1.jpg". The former option can adapt to both http and https without any errors, while the latter is obviously going to throw errors when you access https://. Thats pretty standard practice.
If that doesnt cut it for you, you could insert some code in the top of the shoppage_header.htm file that would automatically take care of that for you. You could add something like this to the top pf that file:
******* <% If (Request.ServerVariables("HTTPS") = "off") Then Dim strCurrentFile strCurrentFile = Request.ServerVariables("SCRIPT_NAME") Response.redirect "https://www.YourDomainName.com" & strCurrentFile End if %> *******
That should do the trick. Since that file is included at the top of every page in the shop (except admin pages, where this is actually a good thing to add as well--for security) any page of the shop that is accessed will perform that check and will redirect to the secure layer if its not already on it. Unless you really need it though, I would try the first method I mentioned, and wait to switch the customer over to https:// until its really a necessity.
All the best,
Jon Madrid -------------------- Madrid Communications Web Design, Development, and Hosting www.madridcom.com
|
|
|