• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 210
  • Last Modified:

Is this site secure?

At www.sixt.co.uk they claim that the site is secure and yet it is not an https site. The specific page can be found by clicking 'van rental', choose any location and date for delivery, click next, click on any vehicle, click next, ignore the options on the next page, click next and this should bring you to the reservation page where you have to enter your credit card details. The small print claims that the data is sent via SSL but how?
1 Solution
Rich RumbleSecurity SamuraiCommented:
You can send data via SSL, while the page itself may not be recieved via ssl. You sometimes get warnings from your browser to "display both secure and non-secure items"
That message typically occurs in reverse however, the page is served via httpS and there are plain http items as well. You can consider the data sent via ssl secured, however it's a better practice to make the entire page https, not just the CC transaction field.
I don't think your browser prompts you when the page is served http, and parts are ssl... I'm not sure.
Yes, this form is secure.

The page itself is sent via HTTP but the form is submitted via HTTPS as evidenced by the ACTION tag in the page source:
<form action="https://www.e-sixt.co.uk/cgi-perl/rental/or" method="post" name="resform">

Since the SSL encryption is negotiated before any data is sent to the server the transmission from the page to the server will be encrypted.

Dave Dietz
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now