Discussion:
https question
Tedd Sperling
2013-09-25 17:55:09 UTC
Permalink
Hi gang:

I have a client who had his entire site moved to another host -- no big problem.

However, the old site had a https directory, where I had secure scripts to do credit-card transactions, but the new site doesn't have a https directory -- in fact it doesn't even have a http directory at all. So, what options do I have to do secure transactions?

I remember someone saying that this could be done via a .htaccess file, but I don't have the code, nor am I positive this is the answer.

What do you recommend?

Thanks,

tedd
_______________
tedd sperling
***@sperling.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Joshua Kehn
2013-09-25 17:58:23 UTC
Permalink
Post by Tedd Sperling
I have a client who had his entire site moved to another host -- no big problem.
However, the old site had a https directory, where I had secure scripts to do credit-card transactions, but the new site doesn't have a https directory -- in fact it doesn't even have a http directory at all. So, what options do I have to do secure transactions?
I remember someone saying that this could be done via a .htaccess file, but I don't have the code, nor am I positive this is the answer.
What do you recommend?
Thanks,
tedd
Did you setup the server (Apache / nginx) configuration? The entire site should be served under https if you're doing CC processing

Best,

–Josh
____________________________________
Joshua Kehn | @joshkehn
http://joshuakehn.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Tedd Sperling
2013-09-25 18:24:29 UTC
Permalink
Post by Joshua Kehn
Post by Tedd Sperling
I have a client who had his entire site moved to another host -- no big problem.
However, the old site had a https directory, where I had secure scripts to do credit-card transactions, but the new site doesn't have a https directory -- in fact it doesn't even have a http directory at all. So, what options do I have to do secure transactions?
I remember someone saying that this could be done via a .htaccess file, but I don't have the code, nor am I positive this is the answer.
What do you recommend?
Thanks,
tedd
Did you setup the server (Apache / nginx) configuration? The entire site should be served under https if you're doing CC processing
Best,
–Josh
I understand that cc processing should be done via https.

Normally, that means to me that I place my $ scripts in a https directory -- the problem is that I don't have one with this host.

So, I am asking how does one do that with a https directory?

Thanks,

tedd
_______________
tedd sperling
***@gmail.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Joshua Kehn
2013-09-25 18:30:05 UTC
Permalink
Post by Tedd Sperling
I understand that cc processing should be done via https.
Normally, that means to me that I place my $ scripts in a https directory -- the problem is that I don't have one with this host.
So, I am asking how does one do that with a https directory?
Thanks,
tedd
_______________
tedd sperling
I'm saying the site should be served entirely under HTTPS. There shouldn't be separate https/http directories. Apache (or whatever your web server is) has a certificate installed on it and that vhost is configured to only respond to https requests. Typically this also means running a separate vhost on http that redirects to the https variant.

Where is this new host? It should be a dedicated box (vps or other) due to how the certificates need to be issued (dedicated ip address).

Best,

–Josh
____________________________________
Joshua Kehn | @joshkehn
http://joshuakehn.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Daniel Brown
2013-09-25 18:29:53 UTC
Permalink
Post by Tedd Sperling
I have a client who had his entire site moved to another host -- no big problem.
However, the old site had a https directory, where I had secure scripts to do credit-card transactions, but the new site doesn't have a https directory -- in fact it doesn't even have a http directory at all. So, what options do I have to do secure transactions?
I remember someone saying that this could be done via a .htaccess file, but I don't have the code, nor am I positive this is the answer.
What do you recommend?
Sounds like it may have been moved from a Plesk server to a
non-Plesk server (or something using a similar path setup). If it's
still Apache-based, yes, an .htaccess mod_rewrite directive should
suffice. And, while it's out-of-scope for this list, an example, for
posterity:

# .htaccess - placed in the web root
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [QSA,R,L]
--
</Daniel P. Brown>
Network Infrastructure Manager
http://www.php.net/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Continue reading on narkive:
Loading...