+ Post New Thread
Results 1 to 7 of 7
Virtual Learning Platforms Thread, HTTPS for Login but HTTP for other pages in Technical; Hi. I'm currently using SharePoint for our School VLE. Internally, it works great. However, the VLE is terribly slow when ...
  1. #1
    bandgeekmafia78's Avatar
    Join Date
    May 2007
    Location
    Salford
    Posts
    382
    Thank Post
    88
    Thanked 22 Times in 14 Posts
    Rep Power
    21

    HTTPS for Login but HTTP for other pages

    Hi.

    I'm currently using SharePoint for our School VLE. Internally, it works great. However, the VLE is terribly slow when its being used externally. Our whole VLE is currently HTTPS when you authenticate externally. I am interested in just making our login page HTTPS and the rest of it HTTP.

    Having done a bit of research it seems that HTTP is a less secure method. However, I'm interested to know if anyone else is currently doing this with their school's VLE and if so, have you encountered any security issues?

    Thanks.

  2. #2

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,828
    Thank Post
    875
    Thanked 1,675 Times in 1,458 Posts
    Blog Entries
    12
    Rep Power
    444
    I am pretty sure there is a "rule" saying VLE's in the UK need to be all HTTPS. But that might be back in the days if BECTA.

    Ours is Moodle all HTTPS and we dont have any performance hit.
    Last edited by FN-GM; 9th August 2012 at 11:04 AM.

  3. Thanks to FN-GM from:

    bandgeekmafia78 (9th August 2012)

  4. #3
    bandgeekmafia78's Avatar
    Join Date
    May 2007
    Location
    Salford
    Posts
    382
    Thank Post
    88
    Thanked 22 Times in 14 Posts
    Rep Power
    21
    I think its probably the amount of data we have on our SharePoint to be honest. Not much I can do about that apart from telling the staff to stop working

  5. #4

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,930
    Thank Post
    1,337
    Thanked 1,781 Times in 1,105 Posts
    Blog Entries
    19
    Rep Power
    594
    A VLE should have all traffic over HTTPS as you never know where data will sit which needs some protection.

  6. #5

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,828
    Thank Post
    875
    Thanked 1,675 Times in 1,458 Posts
    Blog Entries
    12
    Rep Power
    444
    Quote Originally Posted by bandgeekmafia78 View Post
    I think its probably the amount of data we have on our SharePoint to be honest. Not much I can do about that apart from telling the staff to stop working
    Can you not up the specs of the server or somethings?

  7. #6

    twin--turbo's Avatar
    Join Date
    Jun 2012
    Location
    Carlisle
    Posts
    2,334
    Thank Post
    1
    Thanked 381 Times in 340 Posts
    Rep Power
    150
    how is it slow,

    large amounts of data will not slow it down unless large amounts of data are bing pulled your more likly to hit bandwidth problems rather than encription problmes.

    Rob

  8. #7


    Join Date
    Feb 2007
    Location
    51.405546, -0.510212
    Posts
    8,763
    Thank Post
    222
    Thanked 2,630 Times in 1,938 Posts
    Rep Power
    779
    Quote Originally Posted by bandgeekmafia78 View Post
    However, the VLE is terribly slow when its being used externally.
    Unless the VLE is running on a decade old server, you can rule out HTTPS as the cause of the slowness.

    HTTPS isn't (that) expensive any more
    Yes, in the hoary old days of the 1999 web, HTTPS was quite computationally expensive. But thanks to 13 years of Moore's Law, that's no longer the case. It's still more work to set up, yes, but consider the real world case of GMail:

    In January this year (2010), Gmail switched to using HTTPS for everything by default. Previously it had been introduced as an option, but now all of our users use HTTPS to secure their email between their browsers and Google, all the time. In order to do this we had to deploy no additional machines and no special hardware. On our production frontend machines, SSL/TLS accounts for less than 1% of the CPU load, less than 10KB of memory per connection and less than 2% of network overhead. Many people believe that SSL takes a lot of CPU time and we hope the above numbers (public for the first time) will help to dispel that. (Source)
    Quote Originally Posted by bandgeekmafia78 View Post
    I am interested in just making our login page HTTPS and the rest of it HTTP.
    As others have said above, this is a bad idea.

SHARE:
+ Post New Thread

Similar Threads

  1. [SIMS] SIMS Connection failed for Login USERNAME reason: 0
    By tech_guy in forum MIS Systems
    Replies: 42
    Last Post: 17th July 2014, 01:25 PM
  2. Sanity check - try accessing https://extranet.aqa.org.uk for me?
    By pete in forum Internet Related/Filtering/Firewall
    Replies: 5
    Last Post: 17th May 2012, 02:17 PM
  3. Replies: 12
    Last Post: 15th April 2011, 10:46 AM
  4. PXE Boot stopped working for HPs (but not Dells)
    By beast_gts in forum O/S Deployment
    Replies: 1
    Last Post: 17th November 2008, 12:33 PM
  5. Replies: 6
    Last Post: 28th June 2008, 11:55 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •