Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

domain cloaking /masking  to ssl page

Posted on 2010-08-12
4
Medium Priority
?
639 Views
Last Modified: 2013-11-30
I have a shared hosting account that has 300 websites. I put a contact form on each website.
I cant afford to buy a ssl for each site so i was considering buying one ssl and when the user fills out the form it would redirect them to the application website that has the ssl.

My problem is i don't want the user knowing that they are being forwarded to another site for fear of them not filling out the form.

so my question is how can i forward the client to the application website with the ssl and them being non the wiser.  I need the form secure and safe any suggestions .
0
Comment
Question by:tomjenkins12
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 11

Expert Comment

by:Paul S
ID: 33425831
This is a very difficult thing giving the current state of malware on the internet. All the malware and malicious websites have made these types of behaviors associated with cyber-crime. Therefore, even if you figure out how to do it, most likely some big red flags are going to appear on the users screen.

When it comes to SSL certs in this day and age, paying the extra money to look legit is normally worth it. Unless you want your customers to go somewhere else.


.... now with all that being said. If you purchase a good SSL cert for a matching domain, then you might be able to forward to that domain inside of an iFrame so users don't know.
0
 
LVL 11

Expert Comment

by:JoeNuvo
ID: 33426360
what I ever do for this case is

the master form's TARGET is my SSL page (different hostname from master form)
and once my SSL page finish process, it will redirect member to other page.
(SSL page will process only, not have any interface/user interact)

in your case, user must redirect back to their original website.
(either check the referral url, or you must pass hidden parameter with the form)

Hope this can give you some idea to work on your web.
0
 

Author Comment

by:tomjenkins12
ID: 33431971
joenuvo

Ok so the user goes to website A which has no SSL  
Website B has the SSL

I want the user to fill out the form on website B (SSL ) so their data is encrypted , but I don't want the user to know they left website A (non SSL )

Cant I cloak  the redirect with php so the client thinks they are on website  A , than when the form is completed redirect them to the thank you page on website A

I just cant figure out how to cloak the url
0
 
LVL 11

Accepted Solution

by:
JoeNuvo earned 2000 total points
ID: 33601978
Instead of having form on Web B which required you to do some clocking
You may have the form filling page on website A and submit to website B using target as "https" URL

WEB A
http://web_a/sub/comment.php :  form filling page, form target is on Web B
for ex. https://web_b/sub/formprocess.php
|
| submit content will went under SSL to web B for process
|
v
WEB B
https://web_b/sub/formprocess.php : perform any task, like save it to DB etc.   and then redirect to Web A thank you page
web b will know data come from web a, either by check URL Referal OR read some hidden form input
|
| page redirection
|
v
WEB A

0

Featured Post

Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . Websites are getting bigger and more complicated by the day. Video, images and custom fonts are all great for showcasing your product or service. But the price to pay in…
Without even knowing it, most of us are using web applications on a daily basis.  In fact, Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We generally confuse these web applications to…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question