There are instances where a full htaccess redirect rule is not the best solution, specifically to enforce only a single page to be encrypted. This may occur during PCI compliance scans which report an insecure login page. In this example, simply adding the following code to the header of the SSL-desired page will force it to revert to a secure connection:
(paste inside PHP brackets)
Tweet
// MAKING SECURE PAGE LOAD
$secure_url = sprintf("%s%s%s","https://",$HTTP_HOST,$REQUEST_URI);
if(isset($_SERVER["HTTPS"])){
// do nothing
} else {
Header("Location: $secure_url");
}
// MADE SECURE PAGE LOAD
At work the man I worked with got a virus opening a picture and when I am not there he tends to use my computer because its faster, I have important information about payrolls and financial info about the company and I can’t afford to lose it. Thanks santoramaa
Thanks for writing about this. There’s a bunch of good tech info on the internet. You’ve got a lot of that info here on your site. I’m impressed – I try to keep a couple blogs fairly up-to-date, but it’s a struggle sometimes. You’ve done a great job with this one. How do you do it?
Could you go into more detail on this? Btw, the advice you gave me is really good.