cjohnson_uk Posted February 1, 2005 Share Posted February 1, 2005 My shop will be using a third party epayment service that looks after all the credit card details etc. As such none of my shop needs to be on the secure part of my site. Is there any reason why I shouldn't put the whole shop in the secure (https) part of my website to give shoppers that little extra bit of security even if its only psycological? I'm trying to make happy shoppers ChrisJ Link to comment Share on other sites More sharing options...
Guest Posted February 1, 2005 Share Posted February 1, 2005 It'll add unnecessary server load...I recommend you NOT run the store in SSL on every page. You will ultimately slow down the performance which may negate the psychological effect of that little lock. Bobby Link to comment Share on other sites More sharing options...
cjohnson_uk Posted February 1, 2005 Author Share Posted February 1, 2005 It'll add unnecessary server load...I recommend you NOT run the store in SSL on every page. You will ultimately slow down the performance which may negate the psychological effect of that little lock. Bobby <{POST_SNAPBACK}> Thanks. Either way I can use it as a selling point but I'll opt for faster as my default option. Chris Link to comment Share on other sites More sharing options...
♥Vger Posted February 1, 2005 Share Posted February 1, 2005 If you have an ssl cert then just set it up as normal - letting osCommerce decide which parts of the store front need to be https (ssl) and which don't. That way customer details, login, password etc. will be protected by encryption, leaving other parts of the site to run under http (and hence run faster). By all means set the whole of your 'admin' to run under ssl. Just change all http://www.yourdomain.com pathways to https://www.yourdomain.com in admin/includes/configure.php Vger Link to comment Share on other sites More sharing options...
Guest Posted February 4, 2005 Share Posted February 4, 2005 Vger Do I have to do a new clean install so that OScommerce puts everything in the right place i.e. httpdocs or httpsdocs. Or is there another method? Andy Link to comment Share on other sites More sharing options...
cjohnson_uk Posted February 24, 2005 Author Share Posted February 24, 2005 If you have an ssl cert then just set it up as normal - letting osCommerce decide which parts of the store front need to be https (ssl) and which don't. That way customer details, login, password etc. will be protected by encryption, leaving other parts of the site to run under http (and hence run faster). By all means set the whole of your 'admin' to run under ssl. Just change all http://www.yourdomain.com pathways to https://www.yourdomain.com in admin/includes/configure.php Vger <{POST_SNAPBACK}> Hmm, things have changed a bit since my first post in this thread. The shop now wants to do offline payments. So we've got a certificate, and we have hosting with 2 folders httpdocs and httpsdocs. What files do I need to put in the httpsdocs folder? Can I remove these from the httpdocs folder? Is there any reason to do this? I've edited configure.php in catalog/includes and in catalog/admin/includes to say things like define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTPS_SERVER', 'https://www.myrealdomain.com'); but neither my logins nor my ordering are going through to the https part of the site. Any ideas appreciated. ChrisJ Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.