Hi All,

I would like to know something about ecommerce and https, on some ecommerce the payment processor is on the website itself, therefore https is needed but what about paypal,clickandbuy and others?

For example, my customers will input these details prior the https url:
name
surname
email
address
product quantities


do I really need to be https on my site prior passing these informations to paypal or clickandbuy? Or can I just stay on http, how would you do it on your site?

I have heard that some people ill think to be better protected when you own site is https without thinking that the transaction itself will not be made on the site but over the payment processor site.

Hope to get some help!

Many Thanks,

Ben

Hi Ben,

It really depends on your specific audience. As such, I don't really believe there is a blanket yes or no answer to this question.

Without a doubt, the general public is educated to the point where they absolutely expect https (and the secure lock on the browser) to be present any time they enter in cardholder payment details. Some people might want to see everything secured; many others might not care.

However, the fact that this is a concern at all might be a good enough reason to go ahead and get an SSL cert and secure that information... it is inexpensive to obtain a cert these days and it certainly can't "hurt" so it can only help.

So my vote would be that if you have any doubts at all, go for it - it can only help.

THanx CDG,

I will add one to my site then, You are right about everything.

Regards,

Ben

Https all the way, as it will provide secure pass the details of your clients to your website.

Definitely https from start to end point.

Thanks mate!,

Do you know any good tutorial that could help me installing a https link on m checkout pages?

Thanks!

Hi Bambinou,

I think this site can help you with ssl.
http://www.sitepoint.com/article/securing-apache-2-server-ssl/

Thank you so much Woutervz,

I am going to have a look at it now.


BamBam

Ok I just read it all, it teaches well how to create the SSL certificat but does not show you how to add it to your checkout.
I have my SSL on my site already, the server admin have done it.

I only want the ssl certificat to be on on my checkout page for exmaple:
http://www.mysite.com/directory.php?homeinclude=catalog&pageaction=viewcart

How to do this?
is it an hard job?


Many thanks,


BamBam

Greetings:

For ecommerce you want https.

And for PCI Compliance, depending on the page, it is required.

Thank you.

Hi Bam,

You can switch the url from http to https when you request the checkout page?

oh yesmthanks Woutervz, I did not even think about something as simple as thatlol, I was looking at totally something else.

Many thanks,


Bam

One thing I would like to ask, what happen is I just add the https on the full site? would this be ok?
Could this overload the server in time of high traffic?

Thanks for your help

If you can have https , do it mate .

ok thanks,

I honestly think it wouldn't be necessary to put the entire site in https - such as pages that just contain catalog pages of products or services.

If you display all of that via https, it is more than likely going to load slower and you may run into potential order abandonment if people get frustrated as a result of that.

The preferred solution is typically to have non-https for your catalog and then have https in place for any customer order entry pages & checkout pages.

Hi Cdg

I asked my web programmers to only add it to the checkout, I tried to add it on the full site and it was causing other problems, page slowing down, forms not going through, I have to stop it.

Thanks for your help,


I would like to ask you,do you know anything about RSS feed?

I am not too good in coding and my web programmers are not here today, I have a page in PHP where my musicians top charts are showing, it is a dynamic content.
My real problem is, how to get an RSS feed working on dynamic content?

What I do not understand is that PHP will give an output with pictures and band names that could be read in html(if you look at the source code),but when I try to generate an RSS feed from an RSS generator it just does not work, any ideas please?

Regards,


BamBam

Bambinou, SSL certificate is recommended a lot, even if you have web-based type of integration with your payment gateway (when customers are redirected to the site of the payment gateway - in this case it is implied that the payment gateway is responsible for credit card details protection).

With SSL certificate you can also make registration process secure for your customers and admin section secure for yourself (in most shopping carts at least). I believe the certificate is already installed on the server, thus secure connection for the store should be turned on either from admin section (if there is one) or using some other way.

Yea its so simple to have https these days and your customers will look for it. Defiantly go ahead and get it set up.

John

thanks John, really appreciate your feedback.

Bambam

On any page that you are requesting vital private information that your customers may feel scared giving out over the internet, it is nearly mandatory to have a SSL installed.