Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Encrypt whole web site ?

Posted on 2002-05-03
5
Medium Priority
?
329 Views
Last Modified: 2010-04-11
Is there any way to encrypt whole web site, including all types of file ?
0
Comment
Question by:joehuang
5 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6989115
what do you mean by "encrypt whole site"?

There is nothing that you restrict to encrypt each file, using PGP or whatever. Just keep in mind that the visitor needs to know how to decrypt it.

Or dou you just mean to encrypt the data stream?
Then simply use SSL on port 443 (https).
0
 
LVL 13

Expert Comment

by:hstiles
ID: 7011415
Yes, just setup up a redirect so that anyone connecting to www.domain.com is automatically redirected to https://www.mydomain.com/page2 or something similar
0
 
LVL 2

Expert Comment

by:rex007
ID: 7011857
You technically COULD encrypt the entire content of you web site. But everyone trying to access to site and allowed to would require a copy of the decryption key.

Controlling just who has the key and how to get it back if they leave and giving new keys  could become a mess really fast.

What you CAN do though is get yourself a sertificate server with it's own CA (Certificate Authority) that could issue certificates containing user credentials for the users you want to grant access to the specefic web site.

Then you could configure you web server to encrypt the communications between the server and the users with SSL. AND you can configure it to require the user ceretificate signed and verified by the CA. Everytime a user would try accessing the site, he/she would get asked for the certificate, witch would then get checked by the CA to make sure it's valid and not revoked.

And bam, there you go.
By the way, the CA server is part of win2k with AD...
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 7013298
The main question is why ?
You will only be able to sustain 2-3 connections per second, which, for a heavily used web server will slow it right down.  Depends on processing power, plus standard processors aren't really designed for en/decryption.
Industry practise is to leave home page unencrypted, as this would get most hits, and only encrypt past a certain point - eg customer logon.
0
 

Accepted Solution

by:
1stomni earned 150 total points
ID: 7021273
Yes you can easily encrypt all the html files using Zend Encoder. (http://www.zend.com) We use it to protect our source code and it works perfect and does not require any certificates or plugins for the user.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware - Defeated! Client opened the wrong email and was attacked by Ransomware. I was able to use file recovery utilities to find shadow copies of the encrypted files and make a complete recovery.
The Internet has made sending and receiving information online a breeze. But there is also the threat of unauthorized viewing, data tampering, and phoney messages. Surprisingly, a lot of business owners do not fully understand how to use security t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question