Force page to be viewed with SSL

visionxtreme

I have some pages that I only want to be viewed in SSL.

How To?

klansman

hi.

you can change the apache configuration (are you running apache?) for the desired directory and include a configuration like RequireSSL. That way, all accesses are restricted to ssl connections.

if you do not have access to the apache configuration or if you don't want to protect a whole directory... well maybe you can check out some php variables like $SERVER["HTTPS"] (which is a boolean value set as 1 for ssl connections and is it not defined for not ssl connections) and others like $SERVER["SSL_CIPHER_USEKEYSIZE"] (which tells you the encryption strenght used), and act according to those variables.

[]

visionxtreme

Thanks.

That's good info.

klansman

thanx.

Ph0eniX

One simple way would be to check the value of $SERVER['SERVER_PORT']. If it's 80, then redirect the user to https://host.domain.com. or you could query $SERVER['SERVER_PORT_SECURE'] (for 0 or 1). Either way should work.