Is it smart to always redirect to https?

Question

Is it smart to always redirect to https?

I am working on a project where the user will pass their username to activate the internet. I want to always redirect the user to the https version and redirect the http version to https so that there is only the http version. Is this a smart move? Could there be problems with mobile devices (WiFi enabled devices)

Thomas

0

https apache2

Thomaschaaf 08 jan. '09 at 18:55

source to share

2 answers

If you are transferring secure data then it is definitely smart to redirect to HTTPS. As a hacker, you are immediately looking for the easiest site to discover. In this case, it will attack any devices that are excluded from the SSL rule.

+1

Mike robinson 08 jan. 09 at 19:21

source to share

d0k · Accepted Answer · 2009-01-08T19:14:27+0000

I don't think there are many devices that don't support ssl. However, there are a few stupidly configured proxies.

Most sites are not "full ssl" due to server load, ssl can bring the server to its knees very quickly.

Is it smart to always redirect to https?

More articles: