Enforce SSL connection
Posted on 2005-02-28
How to insure that connection is SSL or require user agent (client)
to attempt to make SSL connection?
I am hosting web site at some PHP host. They have a default SSL sertificate.
I have one page which authenticates and gives sensetive data to the client.
When client connects, I would like to check does the client try secure connection.
If not, I'd like to transform the connection to secure mode.
I don't believe that I can use:
to check secure mode because my host owner can use different port for SSL.
Or, can I rely on this?
The second part of the question is the redirection, if initial request is not in secure mode.
Can I use:
$my_page = "https//my_domain.com/my_page.htm";
header(""Location: "" . $my_page );
I am not sure will this work because I think that this statement sends header back.
But, I need to enforce my server to move into https and prompt user agent to do the same.