Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Duplicate files and http:// and https:// question


MrPodStuff

Recommended Posts

I have been searching for 3.5 hours for an obvious explanation on how to add the https:// to my site. From what I understand all you do is insert the https:// into the configure.php file at both admin/includes/ and includes/

 

If I do this I get page not found. As there are no pages in the https:// directory.

 

I could upload the entire website to the https:// folder to fix this but managing two set of files is surely not required.

 

What am I missing - why cant I find anything on this.

 

Thanks,

 

MrPodStuff

Link to comment
Share on other sites

You need the ensure the following:

 

1> Apache (or whatever webserver you are using) has been set up to take https:// connection

 

2> You have a vaild SSL certificate installed on the server

 

You only need to install OSC in one directory - the server and the customer's browser handle the security once it's set up right.

 

We use the InstalSSL certificate from: www.instantssl.com - they also offer a 30 day free certifucate for use in testing your setup - also have detailed instructions on how to install.

Link to comment
Share on other sites

You only need to install OSC in one directory - the server and the customer's browser handle the security once it's set up right.

 

 

 

If you have a directory structure that requires httpdocs AND httpsdocs - you will need to instal files in both - will you not ?

 

Charles

A kite flies highest AGAINST the wind !

 

"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, a lover in one hand, martini in the other, body thoroughly used up, totally worn out and screaming ~ WOO HOO!! What a ride!"

Link to comment
Share on other sites

If you have a directory structure that requires httpdocs AND httpsdocs - you will need to instal files in both - will you not ?

 

Charles

 

If you duplicate the catalog in both https and http then Search Engines will regard it as spam and ban you. I have the same problem: I have an SSL certificate etc etc, but want the catalog in http ONLY while the login and checkout pages and the Admin are in SSL. How is it done???

Link to comment
Share on other sites

I just can't believe a program so well designed would make it so hard to secure the site for people with different http and https folders. It can't be this hard. I have heard of multiple people using shared certificates having no problem - is this an easier option?

Link to comment
Share on other sites

I just can't believe a program so well designed would make it so hard to secure the site for people with different http and https folders. It can't be this hard. I have heard of multiple people using shared certificates having no problem - is this an easier option?

 

Charles (Simplyeasier) gave you the correct answer.

He appropiately qualified his statement with "If you have a directory structure that requires httpdocs AND httpsdocs... "

You can always ask your host to copy the files from one folder to another for you.

 

HTH,

Robert

Link to comment
Share on other sites

I just can't believe a program so well designed would make it so hard to secure the site for people with different http and https folders.

 

It's not the programme that's causing that problem. It's the hosting companies that don't know how to set up their web servers so that they only need to use one folder for all files that are the cause of the problem. Even if, for some weird reason, they need to have both an httpdocs and an httpsdocs folder in their system then all they have to do is to Symlink the httpsdocs folder to the httpdocs folder and there's then no need to upload two sets of files and keep them synchronised.

 

Vger

Link to comment
Share on other sites

Vger,

 

Your making sense now!

 

Now - IF my hosting company can't figure that out then this would have to be it yes?

 

1: I install OSC

2: Copy all files and folders to https://

3: All updates made on http:// must be mirrored on https://

4: I select 'true' for using secure checkout in the configure.php file

5: I input my URL with https:// in the configure.php file also. In both admin/includes and /includes

 

By doing this I increase the time it takes to maintain the site, and reduce the chances of SEO.

 

OR

 

I hope my host can fix it and if they cannot I change hosts. Any recommendations?

 

:huh:

Link to comment
Share on other sites

I change hosts. ?

 

:huh:

 

 

Yes - Two directory structure hosts are a waste of time and space - I am on record here ranting about them and other shared server host types who dont know their $%^? from their %$?^&'s :D

 

Charles

A kite flies highest AGAINST the wind !

 

"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, a lover in one hand, martini in the other, body thoroughly used up, totally worn out and screaming ~ WOO HOO!! What a ride!"

Link to comment
Share on other sites

Here's the solution:

 

Install osCommerce catalog in the http directory. Then, copy the entire catalog directory to the https directory. That's it. There may be issues concerning the various file paths in catalog>incudes>configure.php and catalog>admin>includes>configure.php, but I didn't have to make any changes in my setup.

 

The entire site now has http in the URL, except on the login, checkout, account, and Admin pages.

 

I seem to have lost my session IDs though, but I think the answer may be here:

 

http://www.oscommerce.com/forums/index.php?showtopic=121624

 

OK, time for bed, it's been a long day. <_<

Link to comment
Share on other sites

Thomas_Burke,Apr 20 2005, 11:01 PM]

If you duplicate the catalog in both https and http then Search Engines will regard it as spam and ban you. I have the same problem: I have an SSL certificate etc etc, but want the catalog in http ONLY while the login and checkout pages and the Admin are in SSL. How is it done???

 

Hi Thomas - this I already had working like this. But it still requires maintenance over the two folders. The https files will still look for info in https. For example - I have downloads on and when you go to https it cant find the http folder so I have to change the https configure.php to change the path to the download folder. Only one small example but one of many I am sure I will have problems with long term. If it works for you this is good though.

 

You still have a complete set of files in https so why wouldn't Search Engines still not like it? Even though in practice you don't go to https until checkout.

 

I think the hosting changes are the better solution removing the two folders hassle somehow. I will let you know if my hosts can fix it. :huh:

Link to comment
Share on other sites

  • 2 weeks later...
Hi Thomas - this I already had working like this. But it still requires maintenance over the two folders. The https files will still look for info in https. For example - I have downloads on and when you go to https it cant find the http folder so I have to change the https configure.php to change the path to the download folder. Only one small example but one of many I am sure I will have problems with long term. If it works for you this is good though.

 

You still have a complete set of files in https so why wouldn't Search Engines still not like it? Even though in practice you don't go to https until checkout.

 

I think the hosting changes are the better solution removing the two folders hassle somehow. I will let you know if my hosts can fix it.? :huh:

 

Yes you're right, it's a problem that needs to be solved by talking to your hosting provider. The Search Engines shouldn't ban your site. They won't ban mine because index.php and product_info.php as well as most other pages are not required in the https directory, only the login, checkout, account, and Admin pages.

. Thus the search engines won't come across duplicate pages.

Link to comment
Share on other sites

Regarding search engines and https - search engines shouldn't spider any https page anyway. If you look on Google, and have the Google Toolbar installed showing the page ranking, then when you go to an https page you should see the page ranking greyed out.

 

But not all search engines are Google, so use the 'noindex,nofollow' meta tag on all https pages, and also use your robots.txt file to prevent spiders from spidering https pages.

 

If you have ssh or telnet access to your domain then you can create a symbolic link yourself. If you don't know how there are plenty of tutorials on how to do this, just do a search for them.

 

Vger

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...