I have a couple of questions.
My site uses a login script (called Deadlock) that uses basic authentication with .htaccess & .htpasswd files and an MySQL db, which I know is unsecure. So I got a Unique IP and a professional SSL Certificate from Dreamhost.
-
How do I tell Dreamhost to use the SSL for certain directories and html files? I know I can use links that specify the full address, adding “https,” but someone could not follow the links and type the address in manually - which would work fine for them, but it wouldn’t be secure. Surely that’s not the correct way to do it.
-
If I do the above and change the links to use HTTPS, would the login script, whose files are never called up by link, but by .htaccess (I guess), be secure? Or would I have to somehow change to code to refer to https addresses somehow. (In which case I’m screwed because I don’t know PHP).
Please help! Thanks in advance.