HTTPS for the entire site or just for logging into the site?

A

Anton Medvedev2012-11-01 18:19:56

User identification

Anton Medvedev, 2012-11-01 18:19:56

Do I need to use HTTPS on my entire site, or can I just use it for the login and payment form?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

E

edogs, 2012-11-01
@edogs

If you can insert hotlink pictures from other people's resources on the site or the same YouTube, if other people's banners are spinning, there is some kind of Google Analytics, and so on, then for https there is only a place on the login page.
Firstly, you cannot vouch for the security of content even then.
Secondly, users become paranoid about browser warnings.

N

nochkin, 2012-11-01
@nochkin

It all depends on the content when the user is logged in. If this data has some value, the leakage of which can somehow harm the user, then it is better to use https.
On the other hand, additional resources on https are not that big and you can safely use https on the entire site if you are not sure which is better.

C

cat_crash, 2012-11-01
@cat_crash

Why don't you want to use it on the whole site?
If you do not have data that can be intercepted, for which integrity during transmission, personal or private data is important, then you can leave it only for authorization.