Hi,
Currently I'm hosting at a place that offers me a secure area on their server. I need to be able to add some functionality and would like to use a custom script. My current host allows me to only use their scripts in the CGI-bin. We can not upload to or have access to that area .. that's cool.

Some hosts do offer this service - I'm checking with them.

If I choose to get my own secure certificate (about $25 per year or so) so I can have https://www.whereever.com, will I be able to just use the regular CGI-bin?

Is getting that secure certificate worth the $ per year?

Thanks!

Unless you are running an ecommerce site, you can just generate a non-authenticated certificate yourself (or we can help you out). The only difference being that a warning message pops up but the connection is still encrypted.

Actually, the security certificate is $100 to $250 per year.... I will be collecting confidential information including CC#, but will not be doing any web processing of the cc information - it will all be done by hand.

Hi,

What you want to do is simple. You buy the cert and secure the domain. You will only be using the cgi-bin for processing the scripts while the info will be transferred to a database from a secured page.

Get a Thawte cert for about $125.

Unless they're doing something odd with their setup then yes you should be able to use your regular CGI-BIN securely. You just need to type the S in the URL (https://) and it should use the secure port instead of :80. Beyond that all should function the same as through port 80

Greg Moore

my suggestion would be to just find a host that allows you to upload your custom scripts to the cgi-bin folder. Finding a host that will let you do that should not be that hard.

Depending how the host has thier secure servers setup you may be able to run a script from the secure server itself.

On some hosts, if you try to access a file or directory on a non-secure machine from a secure form the user will get a warning message. And that looks very unprofessional as well as scaring off some customers.

You might want to check out OLM.net when I was a customer of theirs, they let you upload your own scripts, and use the shared SSL cert.