https - ecomm best practices question
Where in the powerstore ordering process should https be invoked? (That's actually not the hard one.) And where in the process should control return to http? (i.e., what page.)
Where in the powerstore ordering process should https be invoked? (That's actually not the hard one.) And where in the process should control return to http? (i.e., what page.)
The latest in the process that the transfer to the SSL server should take place is going from the cart page to the checkout page.
This is to ensure that the user is on the secure page while entering credit card details.
It is not necessary to transfer back to the non secure server.
A best practice would be to force them to the SSL Server if they try to access any of the pages using the unsecure server. This can be done pretty easily using the Apache mod rewrite utility. See the following for more information:
apache-rewrite.html
Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.
These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.