The problem with putting the whole site under SSL is that there is then no caching.
If one goes for a hybrid approach, the encrypted and unencrypted parts of the site should be under two different host names (typically secure.site.com and www.site.com). The latest version of the module that is I believe only available under source control, make that a lot easier by allowing you to speciy the host name for each, and have automatic redirects.
↧
