There is a little more to it than that, but as noted previously, detailed instructions are
available on the VeriSign web site, and you shouldn??™t run into any difficulties.
Enforcing SSL Connections
After you??™ve installed the certificate, you can access any web pages on your web server using
an SSL connection, simply by replacing the http:// part of the URL used to access the page
with https:// (assuming that your firewall is set up to allow an SSL connection, which by
default uses port 443).
Obviously, you don??™t need SSL connections for all areas of the site. If a page can be accessed
only via HTTPS, there are two details to keep in mind:
??? Search engines don??™t index HTTPS locations.
??? Delivering pages via HTTPS consume web server resources, which must encrypt the
transferred data.
So you have two solid reasons for which you should enforce HTTPS connections only for
the sensitive areas of your site. In this chapter, we??™ll enforce SSL for the administrator login
page and for the administration pages of your site (in later chapters, when we??™ll handle payments
ourselves, we??™ll also want to enforce SSL for the checkout, customer login, customer
registration, and other administrative pages).
If you want to ensure that all requests to the administrative script (admin.php) are
done through HTTPS, you??™ll simply need to add this code at the beginning of presentation/
store_admin.
Pages:
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392