How to Find Out if a Page is Secure Using PHP
In this article, we go over how to find out if a page is secure using PHP.
PHP has a $_SERVER['HTTPS'] call that you can use to find out whether a given page is secure or not.
The full PHP code to find out if a page is secure or not is shown below.
If the $_SERVER['HTTPS'] superglobal variable is set, then the page is secure. If it not set, then the page is not secure.
This could be a very important variable, because many websites need have to secure connections for their vistors or customers. Many websites deal with customer-sensitive information such as passwords, credit cards, debit cards, social security numbers, and other important information.
Insecure pages, or regular pages, are easier for hackers to intercept on the web to retrieve information. Thus, sites that deal with customer-sensitive information are better dealt with over a secure connection.
Secure websites are websites that have pages that begin with https://. https means that the page is secure; it's being handled over a secure connection. Insecure pages, or regular pages, begin with http://. http means that the page is not being handled over a secure connection.
This PHP superglobal variable can be used to find out if a page is secure. And based on that, you can do anything, such as decide to take in customer-sensitive information or redirect a user to a secure page on the website (rather than the insecure page). So many things can be dealt with based on this superglobal variable. Once you know whether a page is secure or not, you can write code that takes any actions based on what you feel is appropriate for your website.
Even if all the links on your website are coded so that they give the absolute pathway and they all contain https,
even this doesn't make your website secure. This is because the user can still go to the URL bar on the web browser and type in
http:// and the full pathway to a page and get the regular page. To prevent this, you can have a script on each page that will redirect
a user from a regular page to a secure page, so that a user can never submit information over a regular page. A user, without
advanced web knowledge, may simply not know that http is insecure and accidently type http instead of the intended https where you
would like him or her to be. So, either way, this can all be prevented by placing a PHP script to redirect a user from a regular
page to a secure page. To see how to redirect a user from a regular page to a secure page, see
How to Redirect a User to a Secure Connection Using PHP.
Actual PHP Output
This page is not secure.
Related Resources
How to Create a New Directory Using PHP
How to Upload Files to Your Server Using Your Own Website
How to Restrict the Size of a File Upload with PHP
How to Create Your Own File Transfer Protocol (FTP) For Your Website Using PHP
How to Create a Register and Login Page Using PHP
How to List All Files in a Directory using PHP
How to List All the Directories of a Website Using PHP
How to List All Files of the Home Directory and Its Subdirectories of a Website Using PHP
How to Read the Contents of a File Using PHP
How to Write Contents to a File Using PHP
How to Copy a File Using PHP
How to Rename a File Using PHP
How to Delete a File Using PHP