Re: SSL certificates and https
Hi Pete,
It's a while since I used a SSL on a site but if I recall correctly you don't need the whole site to be https, just that part of the site dealing with sensitive content such as credit card details etc. By splitting the site into http and https sections you reduce the risk of falling fowl of security risks. For example having a graphic load from a non ssl section of the site etc.
I believe there are good reasons not to have the whole site on an https section, one of the obvious being caching as I believe https pages can't be cached. For example Tesco or Wallmart sites are not https until such time as you go to checkout.
I've never used Trustwave PCI scan so I can't comment but what errors is it throwing up?
Egg
Intel i7 - 4790K Quad Core + 16 GB Ram + NVIDIA Geforce GTX 1660 Graphics Card + MSI Optix Mag321 Curv monitor + Samsung 970 EVO Plus 500GB SSD + 232 GB SSD + 250 GB SSD portable drive + ISP = BT + Web Hosting = TSO Host
Bookmarks