Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Stay in https Mode as Administrator


bouncefish

Recommended Posts

Hello,

 

I have a dumb question.

 

as soon as I go to https://www.mysite.com/oscommerce/admin/

 

I log in securely. But as soon as I click on ANYTHING else in the admin tool, it takes me to the http:// site.

 

Which, kinda defeats part of the purpose of having an SSL cert.

 

Is there an EASY way I can keep the administrator in a secure session?

 

Thanks in advance.

Link to comment
Share on other sites

Is there an EASY way I can keep the administrator in a secure session?

You need to enable ssl in your admin/configure.php file by changing these:

define('HTTPS_CATALOG_SERVER', 'https://path to your ssl');
define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

You may have to use some absolute paths for your images and languages also, but start with above first and see...

 

scot

Link to comment
Share on other sites

But there doesn't seem to be a file under the specified directory..... i.e..... admin/configure.php does not exist. Do you refer to admin/includes/configure.php ?

 

Sid.

 

------------------------

 

You need to enable ssl in your admin/configure.php file by changing these:

define('HTTPS_CATALOG_SERVER', 'https://path to your ssl');
define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

You may have to use some absolute paths for your images and languages also, but start with above first and see...

 

scot

Link to comment
Share on other sites

It's admin/includes/configure.php

 

And what worked for me was to change

define('HTTP_SERVER', 'http:

to

define('HTTP_SERVER', 'https:

 

Changing the Catalog Server line didn't work for me.

 

Thanks though, I didn't even realize there was a seperate config file for the admin tool.

 

Duh.

Link to comment
Share on other sites

define('HTTP_SERVER', 'https:

Changing the Catalog Server line didn't work for me.

Brian - You are indeed correct about HTTP_SERVER our office lost power during a storm and the above post was made in great haste using DC power. Should have been:

define('HTTP_SERVER', 'https://path to ssl'); // eg, http://localhost - should not be empty for productive servers
 define('HTTP_CATALOG_SERVER', 'http://Domain.com');
 define('HTTPS_CATALOG_SERVER', 'https://path to ssl');
 define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

Just missed the top line during my copy and paste swipe ... Anyway glad you got it to work...

 

scot

Link to comment
Share on other sites

in your code where it says "'https://path to ssl" do you mean the path to the SSL cert? or would it just be:

https://mywebsite.com

 

thanks

"The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself.

Therefore, all progress depends upon the unreasonable man."

-- George Bernard Shaw

Link to comment
Share on other sites

in your code where it says "'https://path to ssl" do you mean the path to the SSL cert? or would it just be:

https://mywebsite.com

 

thanks

 

That depends whether you have shared or dedicated ssl. A more specific shared path could be something like https://secure.YourHost.com/User (they differ from host to host) while a dedicated path would be https://YourDomain.com.

 

scot

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...