The company developed an e-mall project. Now it is required that registration, login, shopping cart, and payment pages be set to HTTPS transmission, and other pages to HTTP transmission. Please let me know how to configure it?
The company developed an e-mall project. It is now required that registration, login, shopping cart, and payment pages be set to HTTPS transmission, and other pages to HTTP transmission. Please let me know how to configure it?
A single domain name cannot solve this problem, because when you deploy the site exapmle.com
as https
, the entire site is https
transmitted,
You can choose the corresponding transmission method for a certain site
General page http://example.com
Log in and register https://account.example.com
Shopping cart https://cart.example.com
Pay https://pay.example.com
Deploy two domain names: http://a.com and https://ssl.a.com. The relevant places can be cross-domain.
I agree with @leandre and @godruoyi's answers, separate the domain names that need to use the https protocol, and use the https protocol when requesting related URLs.
But this has an inconvenience: usually a page with an https protocol domain name needs to access the domain name content of the http protocol. This will involve cross-domain issues. There are also related cross-domain solutions, which can be done, but it will be more troublesome. .
So it is recommended to use https for the entire site. Although there will be performance losses, if the optimization is done well, the performance of https is completely acceptable.