0

I've got some minor experience with php, but my question is:

How do I verify and display an alert when a link in my page is visited in http instead of https. I use canarytokens to display an image, to see where someone is coming from. But the page list 32 visits, but I only have 2 triggers of the canary token. Which brought me to the idea, how can i display a PopUp that the visitor is vulnerable to an ssl downgrade attack, suggesting to use https everywhere in order to keep the end users / visitors safe?

A sample page is: https://cyberawareonline.isee2it.nl/index.php/en/security/63-passwords

Would appreciate it if you could help me out.

Kind regards, Martijn

don't know where to start

i don't know, it's client side

don't know

Martijn
  • 1
  • 1
  • Why don't you just configure your server to redirect everything to HTTPS? – Barmar Oct 07 '19 at 08:01
  • You can check if `$_SERVER['HTTPS']` is set. – Barmar Oct 07 '19 at 08:01
  • You can check your url with this https://stackoverflow.com/questions/4503135/php-get-site-url-protocol-http-vs-https also after then that you can use Ajax to pop up message check sweat alert if you want – Cafer Yükseloğlu Oct 07 '19 at 08:23
  • Hi Barmar, it does so allready, but a image is loaded on purpose with http, because otherwise it will not trigger it. So when using https everywhere it's not triggered. This 'handicap' gave me the idea, to check from a user perspective to alert them that the site is not loading in full https. the canarytoken is of less importance here as I've got other means. – Martijn Oct 07 '19 at 09:20
  • Hi Samuhay, allot of code on that page and opinions differ, still it's not answering my question, because the page loads in https, but a certain link does not. – Martijn Oct 07 '19 at 09:21

0 Answers0