Solved

domain cloaking /masking  to ssl page

Posted on 2010-08-12
4
578 Views
Last Modified: 2013-11-30
I have a shared hosting account that has 300 websites. I put a contact form on each website.
I cant afford to buy a ssl for each site so i was considering buying one ssl and when the user fills out the form it would redirect them to the application website that has the ssl.

My problem is i don't want the user knowing that they are being forwarded to another site for fear of them not filling out the form.

so my question is how can i forward the client to the application website with the ssl and them being non the wiser.  I need the form secure and safe any suggestions .
0
Comment
Question by:tomjenkins12
  • 2
4 Comments
 
LVL 11

Expert Comment

by:Paul S
ID: 33425831
This is a very difficult thing giving the current state of malware on the internet. All the malware and malicious websites have made these types of behaviors associated with cyber-crime. Therefore, even if you figure out how to do it, most likely some big red flags are going to appear on the users screen.

When it comes to SSL certs in this day and age, paying the extra money to look legit is normally worth it. Unless you want your customers to go somewhere else.


.... now with all that being said. If you purchase a good SSL cert for a matching domain, then you might be able to forward to that domain inside of an iFrame so users don't know.
0
 
LVL 11

Expert Comment

by:JoeNuvo
ID: 33426360
what I ever do for this case is

the master form's TARGET is my SSL page (different hostname from master form)
and once my SSL page finish process, it will redirect member to other page.
(SSL page will process only, not have any interface/user interact)

in your case, user must redirect back to their original website.
(either check the referral url, or you must pass hidden parameter with the form)

Hope this can give you some idea to work on your web.
0
 

Author Comment

by:tomjenkins12
ID: 33431971
joenuvo

Ok so the user goes to website A which has no SSL  
Website B has the SSL

I want the user to fill out the form on website B (SSL ) so their data is encrypted , but I don't want the user to know they left website A (non SSL )

Cant I cloak  the redirect with php so the client thinks they are on website  A , than when the form is completed redirect them to the thank you page on website A

I just cant figure out how to cloak the url
0
 
LVL 11

Accepted Solution

by:
JoeNuvo earned 500 total points
ID: 33601978
Instead of having form on Web B which required you to do some clocking
You may have the form filling page on website A and submit to website B using target as "https" URL

WEB A
http://web_a/sub/comment.php :  form filling page, form target is on Web B
for ex. https://web_b/sub/formprocess.php
|
| submit content will went under SSL to web B for process
|
v
WEB B
https://web_b/sub/formprocess.php : perform any task, like save it to DB etc.   and then redirect to Web A thank you page
web b will know data come from web a, either by check URL Referal OR read some hidden form input
|
| page redirection
|
v
WEB A

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now