Guest Posted March 4, 2006 Posted March 4, 2006 Can anyone tell me which lines need to be changed so that when I go into my admin file it is secured? Thanks
ddp Posted March 4, 2006 Posted March 4, 2006 Can anyone tell me which lines need to be changed so that when I go into my admin file it is secured? Thanks This has been in many times in the forums. You could have found the answer by searching the forums. Anyway, admin is secured via your server by password protecting the directory or by using htaccess. If you are unsure how to do this you need to contact your server directly. Backup before making changes. Backup before making changes! Backup before making changes!! You did do a backup? eh?
Guest Posted March 4, 2006 Posted March 4, 2006 I already put a password protection to get into 'admin', its the message that appears once I am in the Admin window that says that "You are not protected by a secure SSL connection". I have a ssl certificate and my shopping cart is secured. I would like to change the status once I am in the admin. Which file and which lines need changes?
ddp Posted March 4, 2006 Posted March 4, 2006 I already put a password protection to get into 'admin', its the message that appears once I am in the Admin window that says that "You are not protected by a secure SSL connection". I have a ssl certificate and my shopping cart is secured. I would like to change the status once I am in the admin. Which file and which lines need changes? Ok that's a different problem. Have you changed the paths in the catalog/includes/configure.php file to refect your secure path? The following statements are all assigned in this file. define('HTTPS_SERVER', 'https://yoursecureserverpath'); define('ENABLE_SSL', true); define('HTTPS_COOKIE_DOMAIN', 'yoursecureserverpath'); define('HTTPS_COOKIE_PATH', '/catalog/'); define('DIR_WS_HTTPS_CATALOG', '/catalog/'); Remember you need to change the permissions on the file to reupload it. Backup before making changes. Backup before making changes! Backup before making changes!! You did do a backup? eh?
Guest Posted March 4, 2006 Posted March 4, 2006 Ok that's a different problem. Have you changed the paths in the catalog/includes/configure.php file to refect your secure path? The following statements are all assigned in this file. define('HTTPS_SERVER', 'https://yoursecureserverpath'); define('ENABLE_SSL', true); define('HTTPS_COOKIE_DOMAIN', 'yoursecureserverpath'); define('HTTPS_COOKIE_PATH', '/catalog/'); define('DIR_WS_HTTPS_CATALOG', '/catalog/'); Remember you need to change the permissions on the file to reupload it. Yes I did..the shopping cart itself is secured once customer wants to creat, login or purchase. Its my administration window that doesn't show a ssl secured message.
ddp Posted March 5, 2006 Posted March 5, 2006 Yes I did..the shopping cart itself is secured once customer wants to creat, login or purchase. Its my administration window that doesn't show a ssl secured message. What about the other configure file at: /catalog/admin/includes/configure.php file have you conigured this file? Backup before making changes. Backup before making changes! Backup before making changes!! You did do a backup? eh?
Guest Posted March 5, 2006 Posted March 5, 2006 What about the other configure file at: /catalog/admin/includes/configure.php file have you conigured this file? Yes, I made the changes to that file. It didn't change the status. Still says "You are not protected by a secure SSL connection". in the bottom left box. Any other suggestions?
ddp Posted March 5, 2006 Posted March 5, 2006 Yes, I made the changes to that file. It didn't change the status. Still says "You are not protected by a secure SSL connection". in the bottom left box. Any other suggestions? Sorry I don't. Perhaps someone reading this post will. You might want to repost your problem with a post description of something like "want to have admin working on https" or something like that. The heading you posted under sounds like you want to passord protect your admin which is not what you want to do. Backup before making changes. Backup before making changes! Backup before making changes!! You did do a backup? eh?
♥Vger Posted March 5, 2006 Posted March 5, 2006 If you are using a shared ssl cert then it's difficult to get rid of that message, without losing the viewing of your images in admin. If you have a full ssl cert then you'll see 3 entries at the top of admin/includes/configure.php - one is https and two are http. Change the two that are http://www.yourdomain.com to https://www.yourdomain.com and you'll get the message 'You are protected by an unknown secure connection'. Vger
Guest Posted March 5, 2006 Posted March 5, 2006 If you are using a shared ssl cert then it's difficult to get rid of that message, without losing the viewing of your images in admin. If you have a full ssl cert then you'll see 3 entries at the top of admin/includes/configure.php - one is https and two are http. Change the two that are http://www.yourdomain.com to https://www.yourdomain.com and you'll get the message 'You are protected by an unknown secure connection'. Vger I do have a full ssl cert. I tried what you suggested but status still not changed. See below part of my config // Define the webserver and path parameters// * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'https://www.supplyroom-backtoschool.com'); // eg, http://localhost - should not be empty for productive servers define('HTTP_CATALOG_SERVER', 'https://www.supplyroom-backtoschool.com'); define('HTTPS_CATALOG_SERVER', 'https://www.supplyroom-backtoschool.com'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module
bob61 Posted March 11, 2006 Posted March 11, 2006 I do have a full ssl cert.I tried what you suggested but status still not changed. See below part of my config Here's another method to accomplish what you are looking to do: This will force the admin interface to use your secure certificate so that potentially sensitive customer data is encrypted between the web server and your browser. Add the following code to the bottom of /catalog/admin/includes/application_top.php just before the final closing "?>" if($_SERVER['SERVER_PORT'] == 80) { Header("Location: " . HTTPS_CATALOG_SERVER . DIR_WS_ADMIN); exit; } You'll be prompted twice when you log into your Admin (same as with other option), your session should then show as secure.
Guest Posted March 11, 2006 Posted March 11, 2006 Ok, I'm having the same problem, in my administration area it says: "You are not protected by a secure SSL connection." I did all you guys suggested above and nada worked. I am on shared hosting, my transactions are showing as secure both via the https: and the padlock icon in the browser, and my host verified I have everything correct. It's just annoying seeing that message in my admin area when it's not correct. So, if anyoen can help me fix it that would rock. Thanx, GrogDog
custodian Posted March 11, 2006 Posted March 11, 2006 // Define the webserver and path parameters// * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'https://www.supplyroom-backtoschool.com'); // eg, http://localhost - should not be empty for productive servers define('HTTP_CATALOG_SERVER', 'https://www.supplyroom-backtoschool.com'); define('HTTPS_CATALOG_SERVER', 'https://www.supplyroom-backtoschool.com'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module That is wrong You have https address in http fields. I have my own full cert too... Use my example and fill in your info.. pay close attention to the placement or lack of /'s My store is also in the root directory, (as I beleive yours is too, so it should work near identically) opps.. I see your store is in the os directory.. you'll need to add the on.. but again, if the current setting doesn't end in a / don't put one If i remember correctly that would be define('HTTP_COOKIE_PATH', '/os'); define('HTTPS_COOKIE_PATH', '/os'); define('DIR_WS_HTTP_CATALOG', '/os'); define('DIR_WS_HTTPS_CATALOG', '/os'); // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://www.memorylaneprimitives.com'); // eg, http://localhost - should not be empty for productive s ervers define('HTTPS_SERVER', 'https://www.memorylaneprimitives.com'); // eg, https://localhost - should not be empty for productiv e servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'www.memorylaneprimitives.com'); define('HTTPS_COOKIE_DOMAIN', 'www.memorylaneprimitives.com'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_FS_DOCUMENT_ROOT', '/home/henry/'); define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/'); define('DIR_FS_CATALOG', '/home/henry/public_html/'); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); My Contributions Henry Smith
custodian Posted March 11, 2006 Posted March 11, 2006 The way you currently have it your entire store is secure... you don't need that, it's only causes more work for your server then what is needs. Locking up the money is a good thing Locking up the rubber bands that you use to hold the money together is a waste of time, effort and resources. My Contributions Henry Smith
Recommended Posts
Archived
This topic is now archived and is closed to further replies.