Secure only sensitive pages

  • Resolved ryanb4614

    (@ryanb4614)


    9 years, 1 month ago

    Hello. I deal a lot with needed to optimize my website because I have over 20k products. Since enabling this it seems that my homepage takes longer to load and is automatically going to SSL/HTTPS. Can SSL only be enabled for checkout, my account, coming from checkout to homepage… making sure sensitive info is transferred over ssl? This way when new visitors come they aren’t leaving because the site takes long to load.

Viewing 1 replies (of 1 total)
  • Plugin Contributor Rogier Lankhorst

    (@rogierlankhorst)

    9 years, 1 month ago

    If you’re on apache, you can enable .htaccess redirect in the settings. This is faster than the default wp redirect.

    In my experience, if websites are slow because of SSL, in most cases this is because the site loads a lot of external resources. If that is the case you could try to limit those.

    Not only sensitive pages need to be secured in my opinion. If a user is on an insecure network, and tries to load your site, but the request is redirected to a fake version of your site, this attack will work if you don’t have SSL with HSTS (http strict transport security) enabled on your site. In that case the user would end up on a malicious site.

    If you still want a per page solution, there’s a premium option:
    https://really-simple-ssl.com/downloads/really-simple-ssl-per-page/

    You can read more about HSTS here.
    https://really-simple-ssl.com/hsts-http-strict-transport-security-good/

Viewing 1 replies (of 1 total)

The topic ‘Secure only sensitive pages’ is closed to new replies.