Solved

domain cloaking /masking  to ssl page

Posted on 2010-08-12
4
626 Views
Last Modified: 2013-11-30
I have a shared hosting account that has 300 websites. I put a contact form on each website.
I cant afford to buy a ssl for each site so i was considering buying one ssl and when the user fills out the form it would redirect them to the application website that has the ssl.

My problem is i don't want the user knowing that they are being forwarded to another site for fear of them not filling out the form.

so my question is how can i forward the client to the application website with the ssl and them being non the wiser.  I need the form secure and safe any suggestions .
0
Comment
Question by:tomjenkins12
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 11

Expert Comment

by:Paul S
ID: 33425831
This is a very difficult thing giving the current state of malware on the internet. All the malware and malicious websites have made these types of behaviors associated with cyber-crime. Therefore, even if you figure out how to do it, most likely some big red flags are going to appear on the users screen.

When it comes to SSL certs in this day and age, paying the extra money to look legit is normally worth it. Unless you want your customers to go somewhere else.


.... now with all that being said. If you purchase a good SSL cert for a matching domain, then you might be able to forward to that domain inside of an iFrame so users don't know.
0
 
LVL 11

Expert Comment

by:JoeNuvo
ID: 33426360
what I ever do for this case is

the master form's TARGET is my SSL page (different hostname from master form)
and once my SSL page finish process, it will redirect member to other page.
(SSL page will process only, not have any interface/user interact)

in your case, user must redirect back to their original website.
(either check the referral url, or you must pass hidden parameter with the form)

Hope this can give you some idea to work on your web.
0
 

Author Comment

by:tomjenkins12
ID: 33431971
joenuvo

Ok so the user goes to website A which has no SSL  
Website B has the SSL

I want the user to fill out the form on website B (SSL ) so their data is encrypted , but I don't want the user to know they left website A (non SSL )

Cant I cloak  the redirect with php so the client thinks they are on website  A , than when the form is completed redirect them to the thank you page on website A

I just cant figure out how to cloak the url
0
 
LVL 11

Accepted Solution

by:
JoeNuvo earned 500 total points
ID: 33601978
Instead of having form on Web B which required you to do some clocking
You may have the form filling page on website A and submit to website B using target as "https" URL

WEB A
http://web_a/sub/comment.php :  form filling page, form target is on Web B
for ex. https://web_b/sub/formprocess.php
|
| submit content will went under SSL to web B for process
|
v
WEB B
https://web_b/sub/formprocess.php : perform any task, like save it to DB etc.   and then redirect to Web A thank you page
web b will know data come from web a, either by check URL Referal OR read some hidden form input
|
| page redirection
|
v
WEB A

0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
This program is used to assist in finding and resolving common problems with wireless connections.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question