Solved

Is this site secure?

Posted on 2006-11-05
2
197 Views
Last Modified: 2013-12-04
At www.sixt.co.uk they claim that the site is secure and yet it is not an https site. The specific page can be found by clicking 'van rental', choose any location and date for delivery, click next, click on any vehicle, click next, ignore the options on the next page, click next and this should bring you to the reservation page where you have to enter your credit card details. The small print claims that the data is sent via SSL but how?
0
Comment
Question by:rsinden
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 17880719
You can send data via SSL, while the page itself may not be recieved via ssl. You sometimes get warnings from your browser to "display both secure and non-secure items"
That message typically occurs in reverse however, the page is served via httpS and there are plain http items as well. You can consider the data sent via ssl secured, however it's a better practice to make the entire page https, not just the CC transaction field.
http://www.hostmysite.com/support/miva5/nonsecure/
I don't think your browser prompts you when the page is served http, and parts are ssl... I'm not sure.
-rich
0
 
LVL 34

Accepted Solution

by:
Dave_Dietz earned 250 total points
ID: 17885195
Yes, this form is secure.

The page itself is sent via HTTP but the form is submitted via HTTPS as evidenced by the ACTION tag in the page source:
<form action="https://www.e-sixt.co.uk/cgi-perl/rental/or" method="post" name="resform">

Since the SSL encryption is negotiated before any data is sent to the server the transmission from the page to the server will be encrypted.

Dave Dietz
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question