what is the use of https?

Question

I am a beginner in HTTPS technology :(. I have some doubt regarding the HTTPS implementation.

suppose I have a registration form

http://www.sitename         


        

Answer 1

HTTPS involves many layers and they are all there to ensure that your HTTP communication over the wire is encrypted and secure. One of the mechanisms it uses to ensure that security, is to prove to the client that the server is actually who he says he is and not someone who pretending to be the server. This is achieved using server certificates that are issued by certificate authorities that most clients trust.

Thus, you would need a few things for your form to work over HTTPS securely:

1. You need to configure your web server so that it responds to HTTPS requests in the first place. HTTPS requests are served on port 443 so that they don't get mixed up with normal HTTP requests.
2. You need to obtain a server certificate from a certificate authority that matches the domain name of your HTTPS requests (in the example you give that would be "www.sitename.com")
3. Finally, you need to make sure that the URL that your form posts the data it collected to is also an HTTPS URL, because, otherwise, you would have just secured the contents of the original form but not the data the user has submitted.

For your, register.php page there won't be a difference between clients that come from HTTPS or HTTP, your handling will be the same. However, if you want to force users to use HTTPS then you need to first check to see if the request is plain HTTP and if it is redirect the user to the same page with the HTTPS protocol. That way no one can inadvertently use the insecure address.