Using Secure Sockets Layer
Secure Sockets Layer (SSL) provides encrypted connections, so that you and others can move information across the Internet with confidence that it will not be intercepted or modified in transit. SSL defeats most attempts to eavesdrop, forge or otherwise tamper with your data.
It is appropriate to use SSL to protect passwords, intellectual property, and other information on your Web site that you do not want to travel across the Internet unencrypted.
Regardless of SSL, you should not collect and store highly sensitive or confidential information within your Web site. While SSL encrypts a Web browser's connection to your Web site, it does not protect information sitting in your Web directory. That is, the files in your Web directory are not encrypted and are therefore vulnerable.
Thus, SSL should not be used on these Web servers to collect and store:
- Credit card numbers
- Medical records
- Private personnel records
Send email to firstname.lastname@example.org if you have any questions about the appropriate use of SSL.
Enter https in place of http to open a URL address using SSL. For example:
To link between Web pages using a normal connection, insert a hyperlink and specify a relative target address:
<a href="info.html">read my info!</a>
To link to a Web page using SSL, insert a hyperlink and specify an absolute target address that calls for https:
<a href="https://depts.washington.edu/webdemo/info.html">read my private info!</a>
Note: this is the only time you should specify an absolute target address when linking between pages.htaccess to password-protect files or directories on your Web site, you can enforce the use of SSL. To do so, add the following line to your .htaccess file: