Hi, Questions when in production mode ...
Should I be using https (ssl) for all auth_user actions that transmit sensitive data (password), e.g. login and register?. Note that I will be using regular http (no ssl) in all other cases across my apps. Does web2py provide specific tools to accomplish this?. Is it actually recommended for security reasons?. What do you recommend?. Furthermore, is one same session (cookie) shared between http and https for the same domain?. Thanks for your input, Carlos
