Guest Posted August 17, 2006 Share Posted August 17, 2006 Hello. Forgive me if this is a repeat question. I've searched around a bit and got answers to most of my questions. However, I am still in need of at least one more answer that I hope someone will be able to assist me in obtaining. When I access the administration section (I have changed the admin folder name and setup .htaccess to require authentication against my encrypted .htpasswd file) the URL is http:// and I have an unprotected connection. If I manually edit the URL to https:// I get a secured, encrypted connection. However, once I click on any link to any section within the admin tool, the URL defaults back to http:// and if I wish to have secure communications with the server I have to edit the URL again to https:// I have followed the steps to edit the admin/includes/config.php (changed from admin/ of course) and the catalog/includes/config.php Obviously I have over looked something but I am not sure what. I would definitely prefer that any access to the admin folder be directed to https:// rather than http:// Anyone have ideas what I may have missed? Here is an edited (for security) /catalog/includes/config.php --snip-- define('HTTP_SERVER', 'http://www.[mydomain].com'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://www.[mydomain].com'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'www.[mydomain].com'); define('HTTPS_COOKIE_DOMAIN', 'www.[mydomain].com'); define('HTTP_COOKIE_PATH', '/catalog/'); define('HTTPS_COOKIE_PATH', '/catalog/'); define('DIR_WS_HTTP_CATALOG', '/catalog/'); define('DIR_WS_HTTPS_CATALOG', '/catalog/'); --snip-- and /[edited-admin]/includes/config.php ---- where [edited-admin] = name of admin folder --snip-- define('HTTP_SERVER', 'http://www.[mydomain].com'); // eg, http://localhost - should not be empty for productive servers define('HTTP_CATALOG_SERVER', 'http://www.[mydomain].com'); define('HTTPS_CATALOG_SERVER', 'https://www.[mydomain].com'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module define('DIR_FS_DOCUMENT_ROOT', '/[edit]/[username]/html/catalog/'); // where the pages are located on the server define('DIR_WS_ADMIN', '/catalog/[edited-admin]/'); // absolute path required define('DIR_FS_ADMIN', '/[edit]/[username]/html/catalog/[edited-admin]/'); // absolute pate required define('DIR_WS_CATALOG', '/catalog/'); // absolute path required define('DIR_FS_CATALOG', '/[edit]/[username]/html/catalog/'); // absolute path required --snip-- Seems the cart is working great other than this issue. When clicking 'My Account' the user is automatically forwarded to a secure page. Likewise with the 'Checkout' link is clicked the user is forwarded to a secure page. Thanks badsign Link to comment Share on other sites More sharing options...
Guest Posted August 18, 2006 Share Posted August 18, 2006 Update: Didn't see an edit option for original post. Just wanted to update this thread and advise that I found a solution. Here's a link The first http define in your admin/includes/configure.php file needs to use your secure path. define('HTTP_SERVER', 'Your secure path here'); // eg, http://localhost or - https://localhost should not be NULL for productive servers I updated my /admin/includes/config.php as described above and the admin tool is 100% ssl protected with no issues. Thanks everyone. This forum is so valuable it only adds to the excellence which is osCommerce. badsign Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.