Using Secure Sockets Layer
IT Connect > Web > Publishing > Controlling Access to Web Pages > Using SSL
Secure Sockets Layer (SSL) provides encrypted connections, so that you and others can move information across the Internet with confidence that it will not be intercepted or modified in transit. SSL defeats most attempts to eavesdrop, forge or otherwise tamper with your data.
- On This Page
- Appropriate Use
- Opening Addresses Using SSL
- Linking With SSL
Appropriate Use
It is appropriate to use SSL to protect passwords, intellectual property, and other information on your Web site that you do not want to travel across the Internet unencrypted.
Regardless of SSL, you should not collect and store highly sensitive or confidential information within your Web site. While SSL encrypts a Web browser's connection to your Web site, it does not protect information sitting in your Web directory. That is, the files in your Web directory are not encrypted and are therefore vulnerable.
Thus, SSL should not be used on these Web servers to collect and store:
- Credit card numbers
- Medical records
- Private personnel records
Send email to help@u.washington.edu if you have any questions about the appropriate use of SSL.
Opening Addresses Using SSL
Enter https in place of http to open a URL address using SSL. For example:
https://depts.washington.edu/
Linking With SSL
To link between Web pages using a normal connection, insert a hyperlink and specify a relative target address:
<a href="info.html">read my info!</a>
To link to a Web page using SSL, insert a hyperlink and specify an absolute target address that calls for https:
<a href="https://depts.washington.edu/webdemo/info.html">read my private info!</a>
Note: this is the only time you should specify an absolute target address when linking between pages.
Usernames and Passwords With SSL
If you are using htaccess to password-protect files or directories on your Web site, you can enforce the use of SSL. To do so, add the following line to your .htaccess file:SSLRequireSSL
