I know https is a secure site. My question is how can you have different sites with basically the same URL?
Example...
and
Any takers on this one?
Example...
and
Any takers on this one?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Question: http vs https
- Thread starter MadMango
- Start date
- Thread starter
- #3
As an example, using Active Server Pages (ASP) you would check the value of
-- if it's "ON" then the page was accessed through a secure channel, and if it's "OFF" then it wasn't.
As Pete noted this code should be entirely on the server, not in something the browser can see (like client-side Javascript).
Code:
Request.ServerVariables("HTTPS")As Pete noted this code should be entirely on the server, not in something the browser can see (like client-side Javascript).
- Thread starter
- #7
Palbano and Genimuse, thanks for the education. Not a very satisfying answer though... ![[thumbsdown]](/data/assets/smilies/thumbsdown.gif "[thumbsdown] [thumbsdown]")
I'm not referring to you, but rather the fact that this can happen in the first place. If I tell someone, "Sure I have a website, it's PhenomQuest.net, check it out." How are they to know to prefix it by HTTP or HTTPS? This is what is burnng me.![[bugeyed]](/data/assets/smilies/bugeyed.gif "[bugeyed] [bugeyed]")
I'm not referring to you, but rather the fact that this can happen in the first place. If I tell someone, "Sure I have a website, it's PhenomQuest.net, check it out." How are they to know to prefix it by HTTP or HTTPS? This is what is burnng me.
They don't need to know. If it can be accessed by https then it can be accessed via http. No one (and no browser) is going to assume that you have to access a home page via https. Your job, then, as the creator of the site is to redirect them to an https version of the page.
In ASP this code (via an include) at the top of ever page that needs to be secure will ensure that it's not accessed insecurely:
No site that I'm aware of puts its home page under SSL anyway (the https version) because it's so easy to just make all links from there on have an https prefix.
What is the situation you have where this doesn't apply?
In ASP this code (via an include) at the top of ever page that needs to be secure will ensure that it's not accessed insecurely:
Code:
<%
If Request.ServerVariables("HTTPS") <> "ON" Then
Response.Redirect("[URL unfurl="true"]https://"[/URL] & Request.Servervariables("PATH_INFO"))
End If
%>No site that I'm aware of puts its home page under SSL anyway (the https version) because it's so easy to just make all links from there on have an https prefix.
What is the situation you have where this doesn't apply?
- Thread starter
- #9
Here's the thing...
is my hobby site.
is [red]not[/red] my site in any way, shape or form. I stumbled upon it by a fluke.
I was noticing that I was getting a high number of hits, and was trying to figure out why (since it's a small hobby site of mine). I knew word couldn't be spreading that quickly about my site. On my site report, I kept seeing that a lot of people were visiting the site, but only staying for a few seconds. This tipped me off that something strange was going on.
is my hobby site.
is [red]not[/red] my site in any way, shape or form. I stumbled upon it by a fluke.
I was noticing that I was getting a high number of hits, and was trying to figure out why (since it's a small hobby site of mine). I knew word couldn't be spreading that quickly about my site. On my site report, I kept seeing that a lot of people were visiting the site, but only staying for a few seconds. This tipped me off that something strange was going on.
Hmm. It appears you should talk to your registrar. Somethng is wrong with the way the dns records are setup -- there defiitely should not be two sites like that with ths same URL. Perhaps you've been hacked -- that or one of the registrars haas really screwed up.
I would say there's a DNS problem somewhere.
Pinging and return the same IP address and server name. Could these sites be hosted on the same server - kearney.adaptive.net?
Pinging and return the same IP address and server name. Could these sites be hosted on the same server - kearney.adaptive.net?
- Thread starter
- #12
![[peace]](/data/assets/smilies/peace.gif "[peace] [peace]")
frozenpeas
Technical User
Let us know what they say!
frozenpeas
frozenpeas
- Thread starter
- #15
frozenpeas
Technical User
I have found burtonhosting.com to be fantastic
frozenpeas
frozenpeas
- Thread starter
- #17
Thanks for the link frozenpeas, I will take a look. My main problem is that hosting costs come out of my pocket, so I'd like to stay in the price range that I have, which I think is dirt cheap. Perhaps that's part of my problem, you get what you pay for.
$9.95USD a month gets me:
300mb space, 6gb/month bandwidth over OC-3 connection.
10 POP3 Accounts.
Support for ASP, PERL CGI-BIN, PHP Scripting.
Shopping Cart Tools, Sales Reports, SSL, real-time Credit card processing (not that I use these at this time).
Dailiy backups, UPS.
$9.95USD a month gets me:
300mb space, 6gb/month bandwidth over OC-3 connection.
10 POP3 Accounts.
Support for ASP, PERL CGI-BIN, PHP Scripting.
Shopping Cart Tools, Sales Reports, SSL, real-time Credit card processing (not that I use these at this time).
Dailiy backups, UPS.
Hi Guys,
The likely cause of this is that you are running on a name based virtual server. This means that the server only has one IP and that the server decides what content to serve by using the request from the browser.
SSL requires a unique IP address for every domain. Because you are running on a server with only 1 IP, any requests to port 443 (SSL), the server looks and sees that it is configured to serve the SSL enabled site, hence different content from your site.
Hope this helps
Wullie
The pessimist complains about the wind. The optimist expects it to change.
The leader adjusts the sails. - John Maxwell
The likely cause of this is that you are running on a name based virtual server. This means that the server only has one IP and that the server decides what content to serve by using the request from the browser.
SSL requires a unique IP address for every domain. Because you are running on a server with only 1 IP, any requests to port 443 (SSL), the server looks and sees that it is configured to serve the SSL enabled site, hence different content from your site.
Hope this helps
Wullie
The pessimist complains about the wind. The optimist expects it to change.
The leader adjusts the sails. - John Maxwell
- Status