switching back and forth between http and https
is it possible to set-up so the store so it does not switch back and forth between the http: and https: state?
i.e. the store is http: unless at the login page or checkout page (and further)
and http: when logged in but just browsing the store ~ again until checkout is clicked on the cart page.
i’m thinking as a user it would be nice once logged in it remained in the https: state
perhaps unnecessary, but it does lead me to think the customer would see it dropping out of secure to non-secure and perhaps draw the wrong conclusion that the site is not secure.
~ a lateral thought came to me that i could just define
PHP Code:
define('HTTP_SERVER', 'http://www.mydomain.co.uk');
define('HTTPS_SERVER', 'https://www.mydomain.co.uk');
to
PHP Code:
define('HTTP_SERVER', 'https://www.mydomain.co.uk');
define('HTTPS_SERVER', 'https://www.mydomain.co.uk');
(in configure.php)
but thought i’d ask first
Re: switching back and forth between http and https
that will work but the site will be slow. Most people dont notice the https. but they do notice slow websites
Re: switching back and forth between http and https
cheers for prompt reply IDW,
nice to know,
I'm guessing 'slow' because of the ssl check each page load?
I'll keep it running http & https,
i personally know there's no need for the ssl/https state while browsing... no sensitive content needing encrypting etc
it was just bugging me that the padlock was obviously appearing and disappearing, and wondered what another less knowledgeable customer would start to think etc
Re: switching back and forth between http and https
The point IDW made about "slow" is based on the long-standing understanding that since it takes the server extra time to encrypt the page content, and your browser takes some time to decrypt the received content before it can display it, that the user's experience may be slightly hindered, especially if they're using very slow internet connections.
But since most good reliable webservers are more highly powered nowadays, that argument becomes less and less relevant.
Nevertheless, there's no need to be staying in SSL mode if the page content being displayed or the data being entered is not sensitive in any way.
If your customers do actually complain to you about it, then you can decide to make changes *then*. Until such time, it's not necessary, and just complicates things needlessly. Zen Cart will switch in and out of SSL where needed. It's highly unusual for customers to find this confusing or undesirable.
Re: switching back and forth between http and https
thanks for the clarification
