Re: [PHP] https question
On Sep 25, 2013, at 1:55 PM, Tedd Sperling t...@sperling.com wrote: Hi gang: I have a client who had his entire site moved to another host -- no big problem. However, the old site had a https directory, where I had secure scripts to do credit-card transactions, but the new site doesn't have a https directory -- in fact it doesn't even have a http directory at all. So, what options do I have to do secure transactions? I remember someone saying that this could be done via a .htaccess file, but I don't have the code, nor am I positive this is the answer. What do you recommend? Thanks, tedd Did you setup the server (Apache / nginx) configuration? The entire site should be served under https if you're doing CC processing Best, –Josh Joshua Kehn | @joshkehn http://joshuakehn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] https question
On Sep 25, 2013, at 1:58 PM, Joshua Kehn josh.k...@gmail.com wrote: On Sep 25, 2013, at 1:55 PM, Tedd Sperling t...@sperling.com wrote: Hi gang: I have a client who had his entire site moved to another host -- no big problem. However, the old site had a https directory, where I had secure scripts to do credit-card transactions, but the new site doesn't have a https directory -- in fact it doesn't even have a http directory at all. So, what options do I have to do secure transactions? I remember someone saying that this could be done via a .htaccess file, but I don't have the code, nor am I positive this is the answer. What do you recommend? Thanks, tedd Did you setup the server (Apache / nginx) configuration? The entire site should be served under https if you're doing CC processing Best, –Josh I understand that cc processing should be done via https. Normally, that means to me that I place my $ scripts in a https directory -- the problem is that I don't have one with this host. So, I am asking how does one do that with a https directory? Thanks, tedd ___ tedd sperling tedd.sperl...@gmail.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] https question
On Sep 25, 2013, at 2:24 PM, Tedd Sperling tedd.sperl...@gmail.com wrote: I understand that cc processing should be done via https. Normally, that means to me that I place my $ scripts in a https directory -- the problem is that I don't have one with this host. So, I am asking how does one do that with a https directory? Thanks, tedd ___ tedd sperling tedd.sperl...@gmail.com I'm saying the site should be served entirely under HTTPS. There shouldn't be separate https/http directories. Apache (or whatever your web server is) has a certificate installed on it and that vhost is configured to only respond to https requests. Typically this also means running a separate vhost on http that redirects to the https variant. Where is this new host? It should be a dedicated box (vps or other) due to how the certificates need to be issued (dedicated ip address). Best, –Josh Joshua Kehn | @joshkehn http://joshuakehn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] https question
On Wed, Sep 25, 2013 at 1:55 PM, Tedd Sperling t...@sperling.com wrote: Hi gang: I have a client who had his entire site moved to another host -- no big problem. However, the old site had a https directory, where I had secure scripts to do credit-card transactions, but the new site doesn't have a https directory -- in fact it doesn't even have a http directory at all. So, what options do I have to do secure transactions? I remember someone saying that this could be done via a .htaccess file, but I don't have the code, nor am I positive this is the answer. What do you recommend? Sounds like it may have been moved from a Plesk server to a non-Plesk server (or something using a similar path setup). If it's still Apache-based, yes, an .htaccess mod_rewrite directive should suffice. And, while it's out-of-scope for this list, an example, for posterity: # .htaccess - placed in the web root RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [QSA,R,L] -- /Daniel P. Brown Network Infrastructure Manager http://www.php.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php