Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

OsCommerce and SSL, where?


Guest

Recommended Posts

Hi all. I feel completely stupid for asking this question, but i've searched the forums and haven't found the answer i'm looking for yet so here goes :-"

 

I've just ordered a SSL-certificate and a unique IP that's needed for the secure-domain from my webhost.

Curently my shop is at http://www.domain.com/shop and now my webhost needs to know what domain i want to secure for our certificate.

 

He's wondering if it should be secure.domain.com or just plain domain.com

 

And i don't know what to answer him :blush:

 

Does it make sence to use SSL on the whole shebang, or just go with the secure.domain.com thingye and put the needed stuff there?

 

Any help that could help me clear this up is deeply apreaciated

 

 

regards

Vebj?rn

Link to comment
Share on other sites

Its a matter of choice - I like secure.your_domain.com

 

After you have configured your includes/configure.php files for SSL osCommerce will take care of what pages need to be secure :D

 

Matti

Link to comment
Share on other sites

Well, my advice would be to put it on the same exact domain you expect visitors to come from. However, before you do so, I would also suggest getting rid of the '/shop' subdirectory by moving your cart up one level.

 

So your url would be just http://www.yourdomain.com

Your SSL would be on https://www.yourdomain.com

 

You won't be moving any files anywhere though. You just route customer through the SSL domain, which are pointed back at the files you have now. The only pages that need to do that are ones in the account creation, checkout, acocunt profile, or order history. If you turn SSL on in OSC, it will do this for you automatically.

-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Link to comment
Share on other sites

Ah...great.

 

Thanks a lot for the advices guys, really apreaciated.

I've never played around much with SSL at all before, so when it came into the picture with OsC i got stuck :blink:

 

So once again, thanks a lot :)

I'll move the /shop up a notch to domain.com when the ssl thingye is up and right before we go live :thumbsup:

Link to comment
Share on other sites

For familiararity for one thing. i think it gives customers a sense of confidence when they see that they are on the same domain for the entire end to end transaction.

 

With all of the doorways and affilliates out there these days, I think it makes sense to provide your customers with a URL they can become familiar with.

-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Link to comment
Share on other sites

lots of people have multi-tasking websites, some use them for information in one section (usually the domain.com side) and then others use the store either in domain.com/shop or domain.com/store, catalog, like that.

and then off other parts they have a forum.

so to move the store up one really is a personal preference, if all you do is sell then go for it. but if you do more than that it makes it easier and cleaner to keep it all separated.

a customer doesnt care if they see shop or catalog or store if they are in that section (shopping from a catalog or store) all they want to do is move around. they are not looking at the browser address when viewing products.

they want a secure connection when the data they are entering is private, and it does not have to be your own domain.com ssl as many think. the customer is looking for secure and they know there are many sites out there who either use their own ssl or use a shared ssl.

either one works for me and for the people i deal with.

Link to comment
Share on other sites

For me, it's all about deterrants. If there is one potential customer per week that is turned off by not having the SSL on the same domain as the rest of the site, then it's more than worth it.

 

A matter of opinion, for sure, but I try to give people as little to be turned off by as possible.

-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Link to comment
Share on other sites

For me, it's all about deterrants. If there is one potential customer per week that is turned off by not having the SSL on the same domain as the rest of the site, then it's more than worth it.

 

A matter of opinion, for sure, but I try to give people as little to be turned off by as possible.

 

 

Ok - I was curious as it was a recommendation - to me it was that the domain name offered was 'secure' .domain.com - wouldn't want it to be just anything. I particularly dislike https://someotherdomain.com/~you. I often look in the address bar and 'secure' stands out nicely as a reference that I am still on a secure page, so if it is that + the regular domain name I quite like it. Most financial institutions etc. use something like this - we might have two potential customers per week who stay because they are reassured by seeing it :P

 

Matti

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...