[support] Drupal on HTTPS
Daniel Carrera
daniel.carrera at zmsl.com
Thu Oct 23 08:48:26 UTC 2008
Thanks.
You mention performance issues. How bad is it? I spent several hours
Googling and I found two papers. One that claims that the delay due to
HTTPS is minimal and another that claims that the delay is significant. :-(
Metzler, David wrote:
> Naw we do this (Aside from the obvious performance issues about
> decripting data for large numbers of hits). There's a securepages
> module out there to force redirects on certain pages if your interested
> in making sur ethat just the login informatioin or user information
> happens over https.
>
> http://drupal.org/project/securepages
>
> Dave
>
> -----Original Message-----
> From: support-bounces at drupal.org [mailto:support-bounces at drupal.org] On
> Behalf Of Daniel Carrera
> Sent: Wednesday, October 22, 2008 1:07 PM
> To: support at drupal.org
> Subject: [support] Drupal on HTTPS
>
> Hello,
>
> Is there any harm in serving Drupal over HTTPS instead of HTTP?
>
> I want the Drupal login to be on HTTPS because I just don't like sending
> passwords in plain text. But with Apache it is no more work to make the
> entire site run on HTTPS versus just one page. In fact, it seems easier.
>
> So, I was wondering, is there any good reason not to serve a Drupal site
> over HTTPS? It seems a bit odd, but I figure, if I already have an SSL
> certificate, I figure, what's the harm?
>
> Thanks.
> Daniel
> --
> [ Drupal support list | http://lists.drupal.org/ ]
More information about the support
mailing list