aram Posted July 4, 2011 Share Posted July 4, 2011 Hi i have added an SSL Certificate to my admin pages in my website with .htaccess which redirects my admin pages to https://mywebsite.com/admin , is that enough is there anything else to do like adding codes in my admin pages to link with SSL or anything else? thanks Link to comment Share on other sites More sharing options...
justsomeguy Posted July 5, 2011 Share Posted July 5, 2011 You generally don't need to change code to work over SSL. Link to comment Share on other sites More sharing options...
aram Posted July 6, 2011 Author Share Posted July 6, 2011 You generally don't need to change code to work over SSL.So is that enough what i have done? Link to comment Share on other sites More sharing options...
justsomeguy Posted July 7, 2011 Share Posted July 7, 2011 Well, I would suggest that you test it and see if it does everything you need it to do. Link to comment Share on other sites More sharing options...
aram Posted July 8, 2011 Author Share Posted July 8, 2011 Well, I would suggest that you test it and see if it does everything you need it to do.The problem is i dont know what is it doing, i have read about it some but i cant understant this. the only thing i can see is that my admin pages changed from http:// to https:// is that enough. what i did for that is i redirected all my admin pages from http:// to https:// with .htaccess. Link to comment Share on other sites More sharing options...
justsomeguy Posted July 8, 2011 Share Posted July 8, 2011 the only thing i can see is that my admin pages changed from http:// to https:// is that enough.Is it enough for what? Link to comment Share on other sites More sharing options...
aram Posted July 10, 2011 Author Share Posted July 10, 2011 Is it enough for what?Is it enough for saving (security) my admin pages? Link to comment Share on other sites More sharing options...
Synook Posted July 11, 2011 Share Posted July 11, 2011 No. SSL just encrypts the data transmitted when communicating with the server, for example when you request those pages. This means that even if your traffic is intercepted, for example through a man-in-the-middle attack or when using a public wi-fi network, the attacker won't be able to gain any information, such as your admin login details (as long as you are also using HTTPS for the login page, of course). It doesn't deal with any of the other issues that may or may not be compromising your "admin pages", however, such as those resulting from bad coding (e.g. SQL injection vulnerabilities). Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.