PHP authentication form and SSL

GnomeSharpie

I want to secure a web php form on my website. The actual form resides on a web server that sends the request to another secure server. Is this secure or do I need to have the form reside on the secure (SSL) web server?

PHPdev

Well if you want to totaly secure the forms data, from point A (the clients Machine) to point B (the server that is going to store the data), then yes your form needs to be on a server with SSL.

PHPdev

Chimera

Sorry PHPdev, but that's just not true. The actual form can reside on any server, as long as the form action is set to the secure server URL. Since the client sends data directly to the form action, this is as secure as it gets. However, doing it this way means the user won't see the little secure lock in their browser until the form has been submitted, which some people don't like.

PHPdev

Chimera,

You are exactly right... I was not thinking of just posting the form to the secure server...

Thaks for the correction...

PHPdev

GnomeSharpie

Thanks so much for your help!