Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

http docs vs. https docs


hinnebusch

Recommended Posts

I have what looks like indentical copies of my osCommerce storefront installed in both the httpdoc/ and httpsdocs/ folders on my website. Do I configure the httpsdocs/ storefront only?- both? -- do they work together somehow? confused.

Link to comment
Share on other sites

I have what looks like indentical copies of my osCommerce storefront installed in both the httpdoc/ and httpsdocs/ folders on my website. Do I configure the httpsdocs/ storefront only?- both? -- do they work together somehow? confused.

 

 

Some hosts :o in their infinite wisdom configure their servers so you have to have 2 (count them) directories if you want to have a secure (SSL) implementation.

 

You will have to put your files in BOTH directories if you ever intend to give your users SSL security for their transaction details.

 

If you went with a "sensible" host all would be under one directory so no need to maintain 2 sets of files.

 

Charles

A kite flies highest AGAINST the wind !

 

"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, a lover in one hand, martini in the other, body thoroughly used up, totally worn out and screaming ~ WOO HOO!! What a ride!"

Link to comment
Share on other sites

thanks- that being the case, for my online store, should I just use the https folder files and disreguard the unsecure set?

 

- David

Some hosts  :o  in their infinite wisdom configure their servers so you have to have 2 (count them) directories if you want to have a secure (SSL) implementation.

 

You will have to put your files in BOTH directories if you ever intend to give your users SSL security for their transaction details.

 

If you went with a "sensible" host all would be under one directory so no need to maintain 2 sets of files.

 

Charles

Link to comment
Share on other sites

No, you shouldn't. You only use https connections when you have to - because all ssl pages are encrypted before delivery and that takes time (slows the page delivery time down).

 

Lock down all of the 'admin' behind ssl by all means, but use ssl and non-ssl for the store itself.

 

Vger

Link to comment
Share on other sites

thanks!

 

so maybe I'll stay away fro SSL because I don't know how or where to jump to the SSL pages- since I'll be using paypal to take orders. Sound right?

 

thanks again

David

 

No, you shouldn't.  You only use https connections when you have to - because all ssl pages are encrypted before delivery and that takes time (slows the page delivery time down).

 

Lock down all of the 'admin' behind ssl by all means, but use ssl and non-ssl for the store itself.

 

Vger

Link to comment
Share on other sites

thanks!

 

so maybe I'll stay away fro SSL because I don't know how or where to jump to the SSL pages- since I'll be using paypal to take orders. Sound right?

 

thanks again

David

You'll need SSL for your store as well. Your checkout might be secure with PayPal, but that's not good enough. Your customer's private information including usernames and passwords are still travelling accross the web unprotected! (login.php etc.)

 

Depends on the permission you have on the server, you should:

1. Ask your host to create a symbolic link between your regular folder (e.g. httpdocs) and secure folder (e.g. httpsdocs)

2. If you have access Telnet (not secure) or SSH (secure) you can create the Symlink yourself.

3. You can edit httpd.conf instead of using Symlink

4. You can also create Symlink using PHP.

Link to comment
Share on other sites

  • 1 month later...
You'll need SSL for your store as well.  Your checkout might be secure with PayPal, but that's not good enough.  Your customer's private information including  usernames and passwords are still travelling accross the web unprotected! (login.php etc.)

 

Depends on the permission you have on the server, you should:

1. Ask your host to create a symbolic link between your regular folder (e.g. httpdocs) and secure folder (e.g. httpsdocs)

2. If you have access Telnet (not secure) or SSH (secure) you can create the Symlink yourself.

3. You can edit httpd.conf instead of using Symlink

4. You can also create Symlink using PHP.

 

Do you know how to set up that link? Because I have asked my host and he doesn't know how.

My problem is that my front page of my catalog is secure but none of the other (more important) pages are. I would greatly, greatly appreciate any help. I've tried everything!

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...