Forum Discussion

Altostratus

Jun 13, 2019

Solved

https for login page only

Hello, I have special request for one of our websites where they want the login page to be https but once logged in they want everything after that to be http only. to me that translate to an i...

Dario_Garrido
Jun 13, 2019
I strongly discourage you to do that. This type of communication is known as unsecure.

Take into account this, if one user could steal the cookie from another user, he/she could access the web page like being the other user.

Conclusion:
- Totally HTTPS Communication = Great!
- Partially HTTPS Communication = HTTP = Unsecure

KR,
Dario.

Mohsen

Altostratus

Jun 13, 2019

I don't see the option to select as best answer.

Forum Discussion

https for login page only

Recent Discussions

What is the meaning is 52% block in WAF

Rundeck ansible F5 errors

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

https and separate port VS

JSON elements for login page

HTTP::uri "/new-page[HTTP::uri]" without pool specified

16.0.1 LTM OVA Login

Download file from AWS S3 bucket / http profile