joehuang
asked on
Encrypt whole web site ?
Is there any way to encrypt whole web site, including all types of file ?
Yes, just setup up a redirect so that anyone connecting to www.domain.com is automatically redirected to https://www.mydomain.com/page2 or something similar
You technically COULD encrypt the entire content of you web site. But everyone trying to access to site and allowed to would require a copy of the decryption key.
Controlling just who has the key and how to get it back if they leave and giving new keys could become a mess really fast.
What you CAN do though is get yourself a sertificate server with it's own CA (Certificate Authority) that could issue certificates containing user credentials for the users you want to grant access to the specefic web site.
Then you could configure you web server to encrypt the communications between the server and the users with SSL. AND you can configure it to require the user ceretificate signed and verified by the CA. Everytime a user would try accessing the site, he/she would get asked for the certificate, witch would then get checked by the CA to make sure it's valid and not revoked.
And bam, there you go.
By the way, the CA server is part of win2k with AD...
Controlling just who has the key and how to get it back if they leave and giving new keys could become a mess really fast.
What you CAN do though is get yourself a sertificate server with it's own CA (Certificate Authority) that could issue certificates containing user credentials for the users you want to grant access to the specefic web site.
Then you could configure you web server to encrypt the communications between the server and the users with SSL. AND you can configure it to require the user ceretificate signed and verified by the CA. Everytime a user would try accessing the site, he/she would get asked for the certificate, witch would then get checked by the CA to make sure it's valid and not revoked.
And bam, there you go.
By the way, the CA server is part of win2k with AD...
The main question is why ?
You will only be able to sustain 2-3 connections per second, which, for a heavily used web server will slow it right down. Depends on processing power, plus standard processors aren't really designed for en/decryption.
Industry practise is to leave home page unencrypted, as this would get most hits, and only encrypt past a certain point - eg customer logon.
You will only be able to sustain 2-3 connections per second, which, for a heavily used web server will slow it right down. Depends on processing power, plus standard processors aren't really designed for en/decryption.
Industry practise is to leave home page unencrypted, as this would get most hits, and only encrypt past a certain point - eg customer logon.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
There is nothing that you restrict to encrypt each file, using PGP or whatever. Just keep in mind that the visitor needs to know how to decrypt it.
Or dou you just mean to encrypt the data stream?
Then simply use SSL on port 443 (https).