Since the only time visitors use the SSL connection is when they are accessing private info or checking out, all of which are reached by clicking internal links, I don't see any reason why this should be a problem.
In other words, if a user on sample.com wants to login, for example, he'd click the 'login' link, which has an address like http:// sample.com:444/login.html
I don't see any reason why a normal visitor would have to type an https address for these particular websites, so they won't every have to enter the port # by hand.
Even if a visitor bookmarked a secure page, they would bookmark the port.
This seems like a very simple way to conserve IP addresses. I've tested it all, and it works fine. Am I missing some serious downside? The only problem I can see is that I have to open more ports on my firewall, but I don't see why 444 should be any more vulnerable than 443.
Why don't you see more SSL addresses like this? Why shouldn't I do this? Any comments, much appreciated. Brgds: John --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|