smarterweb Posted November 17, 2020 Posted November 17, 2020 Even thou we enabled SSL on all pages, you can still reach the URLs of the API webservice via non-ssl standard http. So if you had https://website.com/api/orders it can also be reached by http://website.com/api/orders Shouldn't this be disallowed and automatically be redirected to SSL?
Question
smarterweb
Even thou we enabled SSL on all pages, you can still reach the URLs of the API webservice via non-ssl standard http.
So if you had https://website.com/api/orders it can also be reached by http://website.com/api/orders
Shouldn't this be disallowed and automatically be redirected to SSL?
0 answers to this question
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now