Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

How do I make the admin panel run in SSL


afmort

Recommended Posts

I have got all of my site on the cutomer side to run using ssl when needed, but when I access my control panel for the admin from SSL, when I go to click on another link it changes it back to a regular link and takes away the https and changes it back to just http. What do I need to edit so that it remains https (SSL) links when in the admin section? Thanks

Link to comment
Share on other sites

In your 'admin' directory there should be a .htaccess file. Add this bit of code to it, and put in the pathway to your 'admin' folder.

 

SSLRequireSSL

ErrorDocument 403 https://www.yourdomain.com/youradminfolder

 

This will force everything in 'admin' to be run under SSL. You will still need to Password Protect that folder, if you have not already done so.

 

Vger

Link to comment
Share on other sites

Changing the config file to try and make it all run in ssl mode would be a mistake. The small snippet of code I sent you will work when placed inside a .htaccess file that has been uploaded in ascii mode, not in binary mode.

 

Vger

I tried that but it doesn't load anything. Is there a way to just tell the admin pages to have all the pages read https:// instead of http:// by changing something in the config file?

Link to comment
Share on other sites

In /admin/includes/configure.php change

 

define('HTTP_SERVER', 'http://www.yourserver.com'); // eg, http://localhost - should not be empty for productive servers

 

to

 

define('HTTP_SERVER', 'https://www.yourserver.com'); // eg, http://localhost - should not be empty for productive servers

 

That ought to append https to all subsequent calls to admin pages after you enter.

 

Hope that helps!

 

Iggy

Everything's funny but nothing's a joke...

Link to comment
Share on other sites

Changing the config file to try and make it all run in ssl mode would be a mistake.  The small snippet of code I sent you will work when placed inside a .htaccess file that has been uploaded in ascii mode, not in binary mode.

 

Vger

 

Hi there Vger!

 

Why would it be a mistake to run the backend entirely https? Just wondering.

 

Thanks,

Iggy

Everything's funny but nothing's a joke...

Link to comment
Share on other sites

for some reason my configure.php file was missing the following lines so I added them:

 

define('HTTPS_SERVER', 'https://www.webserver.com');

define('ENABLE_SSL', 'true');

 

it did have these though:

 

define('HTTPS_CATALOG_SERVER', 'https://www.webserver.com');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

 

 

I also changed a line in the /admin/includes/functions/html_output.php file:

 

FROM

 

function tep_href_link($page = '', $parameters = '', $connection = 'NONSSL') {

 

TO

 

function tep_href_link($page = '', $parameters = '', $connection = 'SSL') {

 

 

After I made those changes it worked just fine.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...