pansolo Posted February 22, 2008 Posted February 22, 2008 I added the script as instructed http://www.oscommerce.com/community/contri...earch,admin+ssl if($_SERVER['SERVER_PORT'] == 80) { Header("Location: " . HTTPS_CATALOG_SERVER . DIR_WS_ADMIN); exit; } But this only secures the admin/index.php any of the links on the page auto to http: instead of being forced to https: HELP
pansolo Posted February 22, 2008 Author Posted February 22, 2008 I added the script as instructed http://www.oscommerce.com/community/contri...earch,admin+ssl if($_SERVER['SERVER_PORT'] == 80) { Header("Location: " . HTTPS_CATALOG_SERVER . DIR_WS_ADMIN); exit; } But this only secures the admin/index.php any of the links on the page auto to http: instead of being forced to https: HELP I added /admin/ after (Location) if($_SERVER['SERVER_PORT'] == 80) { Header("Location/admin/: " . HTTPS_CATALOG_SERVER . DIR_WS_ADMIN); exit; } This still doesn't force all th pages within the admin folder to https: although I can do it manually (https:) and all good but I know it's still not right
♥Vger Posted February 22, 2008 Posted February 22, 2008 If your server is Apache based then try adding this code to a .htaccess file in the osCommerce admin folder: SSLRequireSSL ErrorDocument 403 https://www.yourdomain.com/admin/ This forces a redirect to https for every page in the admin folder. Vger
pansolo Posted February 22, 2008 Author Posted February 22, 2008 If your server is Apache based then try adding this code to a .htaccess file in the osCommerce admin folder: SSLRequireSSL ErrorDocument 403 https://www.yourdomain.com/admin/ This forces a redirect to https for every page in the admin folder. Vger My server is Apache based. Do I create a new .htaccess file in admin folder... I'm sorry I'm really 2 yrs old...LOL Thank you for helping...
pansolo Posted February 22, 2008 Author Posted February 22, 2008 My server is Apache based. Do I create a new .htaccess file in admin folder... I'm sorry I'm really 2 yrs old...LOL Thank you for helping... Does it matter where I place the code on my .htaccess that I already have set up
pansolo Posted February 22, 2008 Author Posted February 22, 2008 Should I also remove the script I added as mentioned in the first post
pansolo Posted February 22, 2008 Author Posted February 22, 2008 ok I removed the contribution from the application_top.php and I placed the code from above on my existing .htaccess file and still doesn't force all pages to https: ANYBODY>>>>>>>>> HELP>>>>>>>>>>>>
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.