1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
  • Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

Secure Websites

Collapse
X
1 to 9 of 9 Previous template Next
Collapse
Reply to Thread
  •  
  • Filter
  • Time
  • Show
Clear All
new posts
1 to 9 of 9 Previous template Next
    #1

    Secure Websites

    I have a question that I am sure that many of you can answer for me because I am not at all a techie.

    When sending my personal and payment details over the web I usually check that the page that I am inputting the details to is already an "https" site and I see the padlock (using IE).

    But if I find myself inputting the details into an http site, even though it sends the details to an https site, am I right in thinking that it is not actually secure because the details have to go from the current site, through who knows how many computers, before they get to the secure site?

    Thanks
    Tags: None
    #2
    Originally posted by Gonzo
    But if I find myself inputting the details into an http site, even though it sends the details to an https site, am I right in thinking that it is not actually secure because the details have to go from the current site, through who knows how many computers, before they get to the secure site?
    Yes, but if you were really worried about this stuff you'd also have stopped using IE by now.
    Listen to my last album on Spotify

    Comment

      #3
      Originally posted by Gonzo
      I have a question that I am sure that many of you can answer for me because I am not at all a techie.

      When sending my personal and payment details over the web I usually check that the page that I am inputting the details to is already an "https" site and I see the padlock (using IE).

      But if I find myself inputting the details into an http site, even though it sends the details to an https site, am I right in thinking that it is not actually secure because the details have to go from the current site, through who knows how many computers, before they get to the secure site?

      Thanks
      I am wary about sites missing https. Some pages though will show http , but have a second https coonnection to the web site. ( a certain frame of the web page uses different connection). This means if it says http , it is not necessarily not secure. Best practice: Use only reputable sites , or call and ask before or use netstat to verify there is a secure connection.

      Comment

        #4
        In order for a transaction to be secure, both the page containing the form and the page to which this information is transmitted must be on https. Anything else and your information is at risk.

        Comment

          #5
          Originally posted by chicane
          In order for a transaction to be secure, both the page containing the form and the page to which this information is transmitted must be on https. Anything else and your information is at risk.

          " The page to which information is sent" ? I thought http is sent to web servers.

          Comment

            #6
            Always be wary if your connection to a particular site is https:// . Anything else can be intercepted very easily. Especially those that are needing personal and financial data entered. If you get a popup and you do not see the URL, press F11 and get the address in IE.

            Web infrastructures can be very complex, and your connections (client to web server) need to be secure. Behind the https site's exterior(firewall) it may well be http(web to app or db)...but will be a lot more secure and non intercepted if the security is right.

            Firefox warns you of this and is pretty secure...Ie depending on version can be a problem

            Comment

              #7
              Originally posted by 2uk
              " The page to which information is sent" ? I thought http is sent to web servers.
              Quit being pedantic. From a web developer point of view, the get or post variables submitted by the client browser are sent to a script for processing, which equates to a page from the browser's point of view. The server just acts as a communication mechanism between the client browser and the script and is not particularly relevant within the scope of this discussion.

              So there.

              Comment

                #8
                Originally posted by chicane
                Quit being pedantic. From a web developer point of view, the get or post variables submitted by the client browser are sent to a script for processing, which equates to a page from the browser's point of view. The server just acts as a communication mechanism between the client browser and the script and is not particularly relevant within the scope of this discussion.

                So there.
                I see. Good explanation. But is it true that although a browser's address shows http ( not https) it can still have second https connection to ( either the same or different URL ). For example if certain frame on the page is sourced by this other URL.

                I know this is not a good practice , I am just curious.

                Comment

                  #9
                  Yes it is true. View the frame source to see the details...

                  Older and ...well, just older!!

                  Comment

                  Reply to Thread
                  1 to 9 of 9 Previous template Next

                  Advertisers

                  1. Contracting
                    1. General
                      1. Brexit
                    2. Business / Contracts
                      1. Coronavirus Assistance
                    3. Accounting / Legal
                      1. Umbrella Companies
                      2. HMRC Scheme Enquiries
                      3. The Future of Contracting
                      4. IR35 Reform
                    4. Technical
                    5. Welcome / FAQs
                  2. Social
                    1. Light Relief
                    2. Social / Events
                  Working...
                  X