Switching between HTTP and HTTPS pages with secure session-cookie

by

A simpler alternative: It is becoming an increasingly accepted alternative to use TLS all the time, rather than switching back and forth between secure and unsecure connections. The bulk of additional processing time is spent setting up the secure tunnel, but this is only done once and cached (typically). The symmetric encryption of subsequent traffic is very, very fast on modern processors. It’s somewhat out-of-date thinking to believe that this would cause a server overhead or scalability issue.

In a recent blog post, a Google engineer reported that when they switched to HTTPS-only for GMail, they found their server overheard increased by only 4%. (Can’t find the citation.)

More Related Contents:

  1. Force SSL/https using .htaccess and mod_rewrite
  2. Session lost when switching from HTTP to HTTPS in PHP
  3. A problem occurred somewhere in the SSL/TLS handshake
  4. How to get SSL certificate info with CURL in PHP?
  5. Disable certificate verification in PHP SoapClient
  6. PHP CURL CURLOPT_SSL_VERIFYPEER ignored
  7. Setting up SSL on a local xampp/apache server
  8. How to force Laravel Project to use HTTPS for all routes?
  9. cURL requires CURLOPT_SSL_VERIFYPEER=FALSE
  10. How can I have CodeIgniter load specific pages using SSL?
  11. How to encrypt/decrypt data in php?
  12. How to find out if you’re using HTTPS without $_SERVER[‘HTTPS’]
  13. cURL error 60: SSL certificate: unable to get local issuer certificate
  14. PHP AES encrypt / decrypt
  15. Paypal Access – SSL certificate: unable to get local issuer certificate
  16. Laravel – Session store not set on request
  17. Is it possible to hide/encode/encrypt php source code and let others have the system?
  18. Socket transport “ssl” in PHP not enabled
  19. TLS 1.2 not working in cURL
  20. What is the difference between Sessions and Cookies in PHP?
  21. How can I decrypt a password hash in PHP?
  22. Decrypting strings in Python that were encrypted with MCRYPT_RIJNDAEL_256 in PHP
  23. Connect to remote MySQL server with SSL from PHP
  24. Is it secure to store a password in a session? [duplicate]
  25. Use openssl_encrypt to replace Mcrypt for 3DES-ECB encryption
  26. Load Blade assets with https in Laravel
  27. file_get_contents() how to fix error “Failed to open stream”, “No such file”
  28. Setting up PHPMailer with Office365 SMTP
  29. Make a HTTPS request through PHP and get response
  30. PHP to MySQL SSL Connections

Leave a Comment