Nick Ellson Posted November 16, 2006 Posted November 16, 2006 I am using osC first the first time for a home hobby store for my wife's crafts. Wow, no install errors, hugely overwhelming options, very well done software! My installation at first did not use SSL because I never tried using it before. About an hour after I installed and realized I have payment options that really ought to be secure I went and taught myself how to get Apache up with a real certificate (RapidSSL). I can now open my store or admin session with https, but it quickly drops back to the http variant. In the configure.php and the admin menu's it shows I am all geared up for https. Do I simply remove the http paths in configure.php so it has no choice? What is the right way to stay https? Nick
kgt Posted November 16, 2006 Posted November 16, 2006 In includes/configure.php, you need to make sure HTTPS_SERVER uses https and make sure ENABLE_SSL is set to true. That should be it. Keep the HTTP paths. Your site will only use HTTPS on pages that need to be secure (checkout, login, etc). Pages that do not exchange sensitive information are better running over HTTP since it is noticeably faster. Contributions Discount Coupon Codes Donations
egattocs Posted November 16, 2006 Posted November 16, 2006 I'm not sure how it works on others stores, but this is how it works on our store. When browsing the site it is just done through http, it's not until you goto checkout, or to login that it switches itself to https (which is when it's important of course!). That means our site is secure in the places it should be, it's probably the same with yours? I hope that helps. Scott
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.