khellstrom Posted January 9, 2005 Posted January 9, 2005 I have got my SSL working.. the thing is.. I can login with booth http:// and https:// Is it bad that I can do this? does it make it easier to hack if i login with nonsecure on my admin account? im noob at this :) cheers
Guest Posted January 9, 2005 Posted January 9, 2005 if you want ssl for your store admin, set the admin/includes/configure.php http_server top line from http://domain to https://domain
khellstrom Posted January 10, 2005 Author Posted January 10, 2005 even thou i change the top server to https, it still doesnt work. when I login on my admin account (http://server/shop/admin) it still isent secure. ill paste the code from admin/includes/configure.php here: // define our webserver variables // FS = Filesystem (physical) // WS = Webserver (virtual) define('HTTP_SERVER', 'https://myserver.org/'); define('HTTP_CATALOG_SERVER', 'http://myserver.org'); define('HTTPS_CATALOG_SERVER', 'https://myserver.org'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module
khellstrom Posted January 10, 2005 Author Posted January 10, 2005 it doesnt seam what I do.. I can still login using the http login, and then, i dont get a secure connecting. i can still use the https to get it secure, but that must make it easier to hack? am i right? cheers
boxtel Posted January 10, 2005 Posted January 10, 2005 it doesnt seam what I do.. I can still login using the http login, and then, i dont get a secure connecting. i can still use the https to get it secure, but that must make it easier to hack? am i right? cheers <{POST_SNAPBACK}> use apache settings to force it to ssl SSLREQUIRESSL directive I think Treasurer MFC
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.