Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Need help securing my admin using ssl


gunnl

Recommended Posts

Desperately need help to secure my admin interface. I'm geting this message when I'm loged in "You are not protected by a secure SSL connection"

Don't wan't to go live without my admin beeing secure by ssl.

 

I have an ssl certificate issued to my domain www.bushido.is by RapidSSL

 

This is what I got in my configure.php files.

 

catalog

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
define('HTTP_SERVER', 'http://www.bushido.is'); // eg, http://localhost - should not be empty for productive servers
define('HTTPS_SERVER', 'https://www.bushido.is'); // eg, https://localhost - should not be empty for productive servers
define('ENABLE_SSL', true); // secure webserver for checkout procedure?
define('HTTP_COOKIE_DOMAIN', 'http://www.bushido.is');
define('HTTPS_COOKIE_DOMAIN', 'https://www.bushido.is');
define('HTTP_COOKIE_PATH', '/test/');
define('HTTPS_COOKIE_PATH', '/test/');
define('DIR_WS_HTTP_CATALOG', '/test/');
define('DIR_WS_HTTPS_CATALOG', '/test/');

 

admin

define('HTTP_SERVER', 'http://www.bushido.is'); // eg, http://localhost - should not be empty for productive servers
define('HTTP_CATALOG_SERVER', 'http://www.bushido.is');
define('HTTPS_CATALOG_SERVER', 'https://www.bushido.is');
define('ENABLE_SSL_CATALOG', true); // secure webserver for catalog module
define('DIR_FS_DOCUMENT_ROOT', '/var/www/is/bushido.is/html/test/'); // where the pages are located on the server
define('DIR_WS_ADMIN', '/test/admin/'); // absolute path required
define('DIR_FS_ADMIN', '/var/www/is/bushido.is/html/test/admin/'); // absolute pate required
define('DIR_WS_CATALOG', '/test/'); // absolute path required
define('DIR_FS_CATALOG', '/var/www/is/bushido.is/html/test/'); // absolute path required

 

What am I doing wrong here??? :(

Regards

Gunnlaugur

Link to comment
Share on other sites

Try:

Catalog

define('HTTP_SERVER', 'https://www.bushido.is'); // eg, http://localhost - should not be empty for productive servers
define('HTTPS_SERVER', 'https://www.bushido.is'); // eg, https://localhost - should not be empty for productive servers
define('ENABLE_SSL', true); // secure webserver for checkout procedure?
define('HTTP_COOKIE_DOMAIN', 'www.bushido.is');
define('HTTPS_COOKIE_DOMAIN', 'www.bushido.is');

 

Admin

define('HTTP_SERVER', 'https://www.bushido.is'); // eg, http://localhost - should not be empty for productive servers
define('HTTP_CATALOG_SERVER', 'https://www.bushido.is');
define('HTTPS_CATALOG_SERVER', 'https://www.bushido.is');

 

I've only posted part of each, leave the rest of the code as it is.

BACKUP first!! :)

one-click installation..

Dave's info

Link to comment
Share on other sites

Thanks Dave.

Works first time :)

 

One questin though.

When I go to my admin and I get the basic authentication prompt I've setup. I login and the status is still "You are not protected by a secure SSL connection" but after pressing any of the links in the admin interface I get again the basic authentication prompt and login again, then the status changes to https and the message is "You are protected by a unknown secure SSL connection".

 

Is this the default behavior or am I still wrong in my config?

Regards

Gunnlaugur

Link to comment
Share on other sites

your http://site is working as well as the https://

Depends on your hosting setup, but I would just use one to save any confusions...

 

I don't understand what you mean by that :huh:

Regards

Gunnlaugur

Link to comment
Share on other sites

your http://site is working as well as the https://

Depends on your hosting setup, but I would just use one to save any confusions...

 

My ISP says that this is an osc config issue. Is that correct?

Regards

Gunnlaugur

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...