Forum Discussion

Mohsen's avatar
Mohsen
Icon for Altostratus rankAltostratus
Jun 13, 2019

https for login page only

Hello,   I have special request for one of our websites where they want the login page to be https but once logged in they want everything after that to be http only. to me that translate to an i...
  • Dario_Garrido's avatar
    Jun 13, 2019

    I strongly discourage you to do that. This type of communication is known as unsecure.

     

    Take into account this, if one user could steal the cookie from another user, he/she could access the web page like being the other user.

     

    Conclusion:

    - Totally HTTPS Communication = Great!

    - Partially HTTPS Communication = HTTP = Unsecure

     

    KR,

    Dario.