joecritch Posted June 27, 2007 Posted June 27, 2007 I'm trying to secure several osCommerce admin sections, which each have an associated SSL certificate on the domains. The sites are on 1&1 Linux servers. When you enter http://www.example.com/catalog/admin, the site does not direct to the https:// protocol, and therefore does not show the padlock on the admin homepage. I've tried changing the line in the admin index.php from // if (getenv('HTTPS') == 'on') { to if (getenv('HTTPS') == '1') { ... no luck. I've also tried changing the top lines in the admin config to force an HTTPS://, instead of the normal HTTP://, but that still doesn't help. Here's the /shop/includes/configure.php define('HTTP_SERVER', 'http://www.domain.co.uk'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://www.domain.co.uk'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'www.domain.co.uk'); define('HTTPS_COOKIE_DOMAIN', 'www.domain.co.uk'); define('HTTP_COOKIE_PATH', '/shop/'); define('HTTPS_COOKIE_PATH', '/shop/'); define('DIR_WS_HTTP_CATALOG', '/shop/'); define('DIR_WS_HTTPS_CATALOG', '/shop/'); Here's the /shop/admin/includes/configure.php define('HTTP_SERVER', 'https://www.domain.co.uk'); // eg, http://localhost - should not be empty for productive servers define('HTTP_CATALOG_SERVER', 'https://www.domain.co.uk/shop/'); define('HTTPS_CATALOG_SERVER', 'https://www.domain.co.uk/shop/'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module
germ Posted June 27, 2007 Posted June 27, 2007 When you enter http://www.example.com/catalog/admin, the site does not direct to the https:// protocol, and therefore does not show the padlock on the admin homepage. If you want SSL in the Admin area, you have to do it as such: https://www.example.com/catalog/admin You don't get SSL without asking for it.... :thumbsup: One of these days they'll invent a computer that does what you WANT it to do, not what you TELL it to do... :huh: At least that's my fervent hope, anyway.... :D And believe me, I'm a master at telling it all the wrong things... :blush: If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
bill110 Posted June 27, 2007 Posted June 27, 2007 try this http://www.oscommerce.com/community/contributions,3479/ My Contributions Stylesheet With Descriptions Glassy Grey Boxtops Our Products Meta Tags On The Fly Password Protect Admin "No matter where you go....There you are" - Buccaroo Bonsai
Recommended Posts
Archived
This topic is now archived and is closed to further replies.