Re: staying in SSL - Stefan Scott - ru.sysoev.nginx

12 messages in ru.sysoev.nginxRe: staying in SSL

From	Sent On	Attachments
Stefan Scott	Feb 13, 2009 2:48 pm
Stefan Scott	Feb 13, 2009 4:26 pm
Stefan Scott	Feb 13, 2009 4:55 pm
Jim Ohlstein	Feb 13, 2009 5:37 pm
Rob Schultz	Feb 13, 2009 5:55 pm
Stefan Scott	Feb 13, 2009 7:06 pm
Rob Schultz	Feb 13, 2009 7:22 pm
Stefan Scott	Feb 13, 2009 8:39 pm
Stefan Scott	Feb 13, 2009 8:59 pm
Stefan Scott	Feb 13, 2009 9:01 pm
Igor Sysoev	Feb 14, 2009 3:59 am
Maxim Dounin	Feb 14, 2009 4:28 am

	Permalink for this message Paste this link in email or IM:
	Permalink for this thread Paste this link in email or IM:
	Atom feed for this thread Paste this URL into your reader:

Subject:	Re: staying in SSL	Actions...
From:	Stefan Scott (lis...@ruby-forum.com)
Date:	Feb 13, 2009 8:39:42 pm
List:	ru.sysoev.nginx

Rob Schultz wrote:

On Feb 13, 2009, at 9:06 PM, Stefan Scott wrote:

is gonna be a whole 'nother can of worms I guess.)

You are going to open yourself up to security issues if you go to a http after authentication. All your information will be able to be sniffed and potentially get the session id for your current session and get into your phpmyadmin install that way. if you want it to be secure you need to start on https and stay on https.

OK, thanks for the heads-up! I'll just stay in https for the whole session then.

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets
	Permalink to these results Paste this link in email or IM:
	Atom feed for tracking future search results Paste this URL into your reader: