Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

SSL www.mydomain.com or www.mydomain.com/catalog??

nepalbcn

By nepalbcn
in General Support

Recommended Posts

nepalbcn

nepalbcn

Posted
Posted

My hosting provider installed an SSL in my website, the problem is that they installed it at www.mydomain.com and the ?store? is at www.mydomain.com/catalog. What they?ve done to be able to ?see? the store when the browser is pointing at www.mydomain.com is to add there a special ?index.php? file that just redirects you to www.mydomain.com/catalog/index.php

 

But that keeps the store out of the ssl (no lock no https) (that's what they say) since the ssl is protecting the special index.php file that is at at www.mydomain.com and that just redirects you inside /catalog instead of the opne that?s at at www.mydomain.com/catalog and that's the "good" osc index.php file. In any case now I can?t see any lock nor https.

 

Now that the SSL is installed they say I have to move all the files from www.mydomain.com/catalog to www.mydomain.com for the SSL to work. :angry: And that seems like a lot of work to me because I?m afraid that ?just moving the files? won?t make it <_< , there is lots of ?php instructions? (sorry I don?t know a better word) in all the files that point to the /catalog directory so if I move everything from there I'll screw it up.

 

1)Could it be true that the ?good, real osc idex.php file? file has to be at www.mydomain.com ?

 

2) When ?securing a website? with an SSL are they protecting the whole domain (www.mydomain.com with all possible subfolders like /catalog or whatever) or are they just securing what the browser finds at www.mydomain.com? If so ARE THEY RIGHT????? (they?ve ?made things complicated? so many times before to get more money that I already feel like attacked by a vampire. Of course this time also everything can be solved for a specific ammount)

 

3)What do I do? They say that moving all this stuff is the only way for the web to show the lock and the https. Could I move the files out? if so, do I have to make a trillion modifications in the files?

 

4)Would everything had gone nice if the ssl was "protecting" www.mydomain.com/catalog ??? (just that I know for the next time?

 

Please help, I?m, so close to opening the store I can?t give up now.

Daemonj

Daemonj

Posted
Posted

Just edit the /index.php file to detect the requesting protocol and then properly redirect based on the protocol.

 

SSL is for an entire domain.

 

Find a host that knows what they are doing. ;)

"Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein

Vger

♥Vger

Posted
Posted
Find a host that knows what they are doing

 

Couldn't agree more. Your current hosts are talking total pap.

 

If your site is on an Apache server then redirect from the root to the folder using a 301 Permanent Redirect via a .htaccess file in the root of your domain. It can be set so that http requests go to http pages and an https request goes to https pages. A 301 Permanent Redirect is better for your site than if you use a Meta Tag Refresh type of redirect in a file - but you don't have that choice if the server is Windows based.

 

By the way, there's nothing to moving your site to the root. Just download the files/folders, upload to the root, and edit both configure.php files taking out the catalog/ parts of the pathways.

 

Vger

Guest

Guest

Posted
Posted

hmm... its possible your configure.php file is incorrect and the ssl is ok. Can you post this file minus the dbase info? Or check this line in it:

 

define('HTTPS_SERVER', 'https://mysite321.com'); // eg, https://localhost - should not be empty for productive servers

 

make sure you're using only the domain/server in the definitions where they indicate SERVER or DOMAIN without paths appended. Paths should go to the paths definitions.

nepalbcn

nepalbcn

Posted
  • Author
Posted
Just edit the /index.php file to detect the requesting protocol
OK I'll do that.

 

and then properly redirect based on the protocol.
redirect from the root to the folder using a 301 Permanent Redirect via a .htaccess file in the root of your domain. It can be set so that http requests go to http pages and an https request goes to https pages. A 301 Permanent Redirect is better for your site than if you use a Meta Tag Refresh type of redirect in a file - but you don't have that choice if the server is Windows based.
I'm not sure I follow you guys on that one. It doens't seem too complicated but I have no idea how to do the "redirection" thing or a .htaccess file, can you give me a hint? it doesn't sound too complex, I think I could do it.

 

By the way, there's nothing to moving your site to the root. Just download the files/folders, upload to the root, and edit both configure.php files taking out the catalog/ parts of the pathways.
OK, so that (plus changing the index.php file) could solve it too. I'll just back up and start trying all the things you guys are saying.

 

hmm... its possible your configure.php file is incorrect and the ssl is ok. Can you post this file minus the dbase info? Or check this line in it:

 

define('HTTPS_SERVER', 'https://mysite321.com'); // eg, https://localhost - should not be empty for productive servers

 

make sure you're using only the domain/server in the definitions where they indicate SERVER or DOMAIN without paths appended. Paths should go to the paths definitions.

Ok, I'll do both, right now I don't have access to the files, I'll do all that on monday and will post right away.

 

SSL is for an entire domain.

 

Find a host that knows what they are doing. ;)

Couldn't agree more. Your current hosts are talking total pap.
yeah... and they are supposed to be the best in the area . :blink: :blink: I can't wait to move.

 

Thanks everybody!

nepalbcn

nepalbcn

Posted
  • Author
Posted

After lots of thinking I've decided I'll just move the store out of the /catalog directoty into the root sience it seems the easiest way. I can't do it now because they changed something in the server so that even if you erase the index.php file at the root you still see the page, so whenever they remove that I'll start moving everything, I already backed up.

 

The catalog/includes configure.php file looks like this:

 

define('HTTP_SERVER', 'http://nepal-8081-1.hostings.nexica.net'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://nepal-8081-1.hostings.nexica.net'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', 'true'); // secure webserver for checkout procedure? This said true instead of 'true', so i changed it.

define('HTTP_COOKIE_DOMAIN', 'nepal-8081-1.hostings.nexica.net');

define('HTTPS_COOKIE_DOMAIN', 'nepal-8081-1.hostings.nexica.net');

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/catalog/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

 

Do you think it will work? Suggestions? I'll keep the post informed.

Daemonj

Daemonj

Posted
Posted

Make all of the 

/catalog/'

look like

/'

 

Also, the ENABLE_SSL should be 'true'.

"Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein

nepalbcn

nepalbcn

Posted
  • Author
Posted
Make all of the 

/catalog/'

look like

/'

 

Also, the ENABLE_SSL should be 'true'.

 

IT WORKS!!!!

Alright now. The moving was easy and now when it goes to check out goods it jumps to https, GREAT!. I only don't see the lock there, only while jumping from one check out step to the other, only for a split second, I'll do a search on that. But anyway IT WORKS!!!! Oh man, that's good.

 

Thanks everyone.

nepalbcn

nepalbcn

Posted
  • Author
Posted
IT WORKS!!!!

 

Yeah but now the admin won't work, I was going nuts (w00t) So at the end I tried redirectin using .htaccess, googled and found how easy it is to make the redirection. it's here It works now, it's like a house of cards, don't touch it, don't breath near it, it works...

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...