I would like to create a web application with the admin/checkout sections secured. Assuming I have SSL set up for subdomain.mydomain.com, I would like to make sure that all that top-secret stuff ;) like the checkout pages and the admin section is transferred securely. Would it be OK to structure my application as below?
subdomain.mydomain.com
    adminSectionFolder
        adminPage1.php
        adminPage2.php
    checkoutPagesFolder
        checkoutPage1.php
        checkoutPage2.php
        checkoutPage3.php
    homepage.php
    loginPage.php
    someOtherPage.php
    someNonSecureFolder
        nonSecurePage1.php
        nonSecurePage2.php
        nonSecurePage3.php
    imagesFolder
        image1.jpg
        image2.jpg
        image3.jpg
Users would access my web application via http as there is no need for SSL for the homepage and similar. Checkout/admin pages would have to be accessed via https though (that I would ensure via .htaccess redirects). I would also like to have a login form on every page of the site, including non-secure pages. Now my questions are:

1. If I have a form on a non-secure page, e.g. http://subdomain.mydomain.com/homepage.php, and that form sends data to https://subdomain.mydomain.com/loginPage.php, is the data being sent encrypted, as if it were sent from https://subdomain.mydomain.com/homepage.php? I do realize users will not see the padlock, but the browser still should encrypt it, is that right?

EDIT: my apologies.. above in bold I originally typed http but meant https, my bad.

2. If on the secure page loginPage.php (or any other page accessed via https, for that instance) I created a session, a session ID would be assigned, and in the case of my web app something like the username of the logged-in user. Would I be able to access these session variables from http://subdomain.mydomain.com/homepage.php to, for example, display a greeting message? If the session ID is stored in cookies then it would be trouble, I assume, but could someone clarify how it should be done? It seems important to have the username and password sent over SSL.

3. Related to the above question, I think.. would it actually make any sense to have the login secured via SSL so the username/password would be transferred securely, and then the session ID being transferred with no SSL? I mean, wouldn't it be the same really if someone caught the username and password being transferred, or caught the session ID? Please let me know if I make sense here, cause it feels like I'm missing something important.

EDIT: I came up with an idea, but again please let me know if that would work. Having the above, so assuming that sharing a session between http and https is as secure as logging in a user via plain http (not https), I guess on all non-secure pages, like the homepage etc., I could check if the user is already logged in, and if so redirect from PHP to the https version of the same page. So the user fills in the login form from homepage.php, the details are sent over SSL to the backend, so probably https://.../homepage.php. Trying to access http://.../someOtherPage.php, the script would always check if a session is created and if so redirect the user to the https version of this page, so https://.../someOtherPage.php. Would that work?

4. To avoid the browser popping up the message "this page contains non secure items...", should my links to CSS, images and all assets, e.g. in the case of http://subdomain.mydomain.com/checkoutPage1.php, be absolute, so "/images/image1.jpg", or relative, so "../images/image1.jpg"? I guess one of those would have to work :)

Wow, that's a long post; thanks for your patience if you got that far, and for any answers :) Oh yeah, and I use PHP/Apache on shared hosting.
If the SSL termination is on the webserver itself, then you'll probably need to configure separate document roots for the secure and non-secure parts - while you could specify that these both reference the same physical directory, you're going to get tied in knots switching between the parts. Similarly, if your SSL termination is before the webserver, you've got no systematic separation of the secure and non-secure parts.

It's a lot tidier to separate out the secure and non-secure parts into separate trees - note that if you have non-SSL content on a secure page, the users will get warning messages.
Regarding your specific questions:

1. NO - whether data is encrypted depends on where it is GOING TO, not where it is coming from.
2. YES - but only if you DO NOT set the secure_only cookie flag - note that if you follow my recommendations above, you also need to ensure that the cookie path is set to '/'.
3. YES.
4. The page which processes the username and password MUST be secure. If not, then you are exposing your clients' authentication details (most people use the same password for all the sites they visit) and anyone running a network sniffer or proxy would have access.
Your EDIT left me a bit confused. SSL is computationally expensive and slow - so you want to minimise its use - but you need to balance this with your users' perception of security - don't keep switching from SSL to non-SSL, and although it's perfectly secure for users to enter their details on a page served up by non-SSL which sends to an SSL page, the users may not understand this distinction.
C.
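The following is an added example, not code from the question or the answer above. It puts the answer's three points (the cookie path '/', the secure_only flag deciding whether http:// pages can see the session, and the login processor having to run over HTTPS) and the question's EDIT idea (redirect an already-logged-in user from any http:// page to its https:// version) into one PHP include that every page of the question's layout would load. The file name secure_bootstrap.php, the folder list in HTTPS_ONLY_PREFIXES and the $verify callback are assumptions made for the illustration; the Apache-side .htaccess redirect the question mentions is not shown.

```php
<?php
// secure_bootstrap.php (hypothetical name): include at the top of every page.
// Added example; not code from the question or the answer.
declare(strict_types=1);

// Apache sets HTTPS=on for TLS requests. If TLS terminates in front of the webserver
// (the answer's second scenario) you would inspect X-Forwarded-Proto instead, and only
// when that proxy is known to overwrite the header on every client request.
function request_is_https(array $server): bool
{
    return !empty($server['HTTPS']) && strtolower($server['HTTPS']) !== 'off';
}

// Paths that must only ever be served over HTTPS: the question's admin and checkout
// folders plus the script that receives the login form (assumed list).
const HTTPS_ONLY_PREFIXES = ['/adminSectionFolder/', '/checkoutPagesFolder/', '/loginPage.php'];

function path_requires_https(string $path): bool
{
    foreach (HTTPS_ONLY_PREFIXES as $prefix) {
        if (str_starts_with($path, $prefix)) {   // PHP 8+
            return true;
        }
    }
    return false;
}

function https_url(array $server): string
{
    return 'https://' . $server['HTTP_HOST'] . $server['REQUEST_URI'];
}

// Decide what to do with the current request: null means keep serving it, otherwise
// the URL to redirect to. Kept free of side effects so the rule is easy to read.
function plan_request(array $server, bool $logged_in): ?string
{
    $https = request_is_https($server);
    $path  = parse_url($server['REQUEST_URI'], PHP_URL_PATH) ?: '/';
    if (!$https && (path_requires_https($path) || $logged_in)) {
        // Secure folders are always HTTPS, and (the question's EDIT) a visitor who
        // already has a session is moved to the HTTPS version of any other page.
        return https_url($server);
    }
    return null;
}

function bootstrap(): void
{
    ini_set('session.use_only_cookies', '1'); // never accept a session id from the URL
    ini_set('session.use_strict_mode', '1');  // reject ids the server did not issue
    session_set_cookie_params([
        'path'     => '/',    // one cookie for every folder on the host (answer, point 2)
        'secure'   => false,  // must stay false for http:// pages to see the session at all;
                              // set true and the greeting on homepage.php over http is gone
        'httponly' => true,   // keep the id away from page scripts
        'samesite' => 'Lax',
    ]);
    session_start();

    $target = plan_request($_SERVER, isset($_SESSION['username']));
    if ($target !== null) {
        header('Location: ' . $target, true, 302);
        exit;
    }
}

// Called by loginPage.php after the POST. Refuses to touch the credentials unless the
// request itself arrived over HTTPS (answer, point 4), whatever the rewrite rules did.
// $verify is an assumed callback that checks the credentials against your user store.
function process_login(array $server, string $username, string $password, callable $verify): bool
{
    if (!request_is_https($server)) {
        http_response_code(403);
        return false;
    }
    if (!$verify($username, $password)) {
        return false;
    }
    session_regenerate_id(true);          // do not keep the id handed out before login
    $_SESSION['username'] = $username;
    return true;
}

bootstrap();
```

The trade-off the answer describes is visible in the 'secure' => false line: with that setting the cookie, and so the session ID, is sent with every plain-http request, including the one http://.../someOtherPage.php hit that triggers the redirect, so the EDIT's scheme shortens but does not remove the window in which the ID travels in the clear. For question 4, a root-relative path such as "/images/image1.jpg" is resolved by the browser against the scheme and host of the page it appears on, so the same markup yields an https:// asset URL on https pages and raises no mixed-content warning.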