Search the Community

When I decided I wanted to add a visitor counter to my website, I scoured the Internet for a ready-made solution. I don't yet have the expertise to write my own routine, so I was hoping to find something relatively simple to implement. I encountered numerous sites offering free counters. On most of them, the process was the same. They provided a mechanism for customizing the way the counter should look. After selecting the styling options and viewing a preview, you push a button to generate the corresponding HTML code. The code generated is an HTML <img> tag which is to be placed in your HTML document. Typically, the <img> tag is wrapped in an anchor (<a>) tag. From what I've been able to ascertain, behind the scenes there's some kind of CGI process. I'm not sure exactly how it works, but my best guess is that every time my site is loaded, the server increments the count and sends me a new picture. Anyway… From among the myriad choices I had, I elected to use a site called cutercounter.com. The landing page looks like this: After selecting a style that I liked, I entered the URL of my website into the "Your Website URL:" field and clicked on the "Get Your Counter HTML Code" button. Thereafter, the following screen was displayed: I placed the code into my HTML document, which yielded the following: I'm happy with the result, but I have a concern. I'm wondering whether there's a risk in placing that unsecured (http versus https) link in my document. I don't have sufficient expertise to make that determination. Do I have cause for concern?

BACKGROUND: Sometimes I believe that I will never launch my project. The reason for this doubt is clear. Each time that I believe that I have got everything right, I make a small change that i am told will make everything better, and I finish by having to redo much of what I have already done simply to make it work as it did before with the new feature. What keeps me going on the other hand is that I have always somehow been able to overcome each of these sorts of major hurdles. No wonder it has taken me 14 months just to be able to get where I have gotten. DILEMMA: In order to observe the issue that I am having you are requested to follow the steps below. Mind you, the result of the experiment appears to be the same no matter the browser. I have tried it with Chrome, Safari, and Firefox. Step 1: Using the http:// protocol open to the following splash page: http://www.grammarcaptive.com Step 2: Click on the Freeman. This should open to a page with two preceding splash pages Step 3: When the 2nd splash page opens, you should see what appears to be a frame with a series of frames in which each frame is still another set of frames. _______ Step 4: Using the https:// protocol open to the following splash page: https://www.grammarcaptive.com. Step 5: Click on the Freeman. This should open to a page with two preceding splash pages. Step 6: When the 2nd splash page opens, however, the nested sets of frames have disappeared. _______ DISCUSSION: Now, I have made what I believe to be a fairly thorough check for the presence of the https:// prefix on all pages that refer to a link containing Javascript that might influence the behavior of the splash pages in question. I suspect that by having changed the prefix from http:// to https:// that I have, at least for some pages, introduced new code that is no longer compatible with the Javascript code that I am using. My Javascript console tells me that the jQuery variable is missing. Any ideas? Roddy

In my current website project, I would like to design a secure area for members. I have built basic login systems before, but I want to build something more secure this time. One of the things I would like to do it route requests using the HTTPS protocol. In my research on how to do this, I have been starting to learn about SSL certificates. As I understand it, in order to create an SSL encrypted connection that users can be confident in, I must purchase a certificate from a certificate authority (CA). I am questioning whether I really need to do this, though. Neither money nor information that is extremely sensitive would be handled in the secure area. The purpose of the website is of a nature that membership would be restricted to those personally acquainted with me, so it's not like they would be using a website with some vague "entity" operating it. They could trust me. Would that make it safe for me to use a self-signed SSL certificate? My only suspicion is that a hijacker could potentially inject a new SSL certificate (not sure if this is possible...) and trick users since neither his nor mine would be signed by a trusted CA. I could just get a cheap certificate, but I would like to avoid spending money on this if I don't have to. Maybe a free certificate would be okay? I'm not sure. What do you think is the best course of action for my situation?

Hello, i'm wondering should i go to HTTPS mode on my website because its available. What are the + & - of http & https?