autoxtreme Posted February 28, 2008 Posted February 28, 2008 Hi, I have been issued with my SSL cert from my hosting company today. It is a shared cert. I have the URL for it. My payment process is dealt with by paypal but I need to secure the account creation/log in pages, and any other pages I may have overlooked if someone can suggest any! lol How do I go about adding the code in to my store so I can secure the relevant pages. Thank you :)
germ Posted February 28, 2008 Posted February 28, 2008 Start here: The SSL In OsCommerce Guide For The Innocent, SSL basics and how to apply to osC If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
autoxtreme Posted February 29, 2008 Author Posted February 29, 2008 Start here: The SSL In OsCommerce Guide For The Innocent, SSL basics and how to apply to osC Right...... Eventually managed to get the SSL working on the account pages. I now have the problem of secure and nonsecure items being displayed. The problem is 3 images I have, one in the footer and 2 in the right column. I have done some searching and from what I can find it seems these images need to be tagged as https:// etc etc etc The SSL cert I am using is a shared one from my host so I dont have access to a secure folder to link these pictures to so they are just in the usual /catalog/images folder. I dont want to lose the images, but what other way is there of solving this problem? I dont want to scare customers off with warning messages! lol
germ Posted February 29, 2008 Posted February 29, 2008 If the links/images can't be made "secure" (HTTPS) you can code it so they don't display when in SSL mode. Example topic: Click Me The code goes something like this: <?php if ( $request_type != 'SSL' ) { ?> ******** DELETE THIS LINE AND PUT YOUR NON-SECURE CODE HERE ******** <?php } ?> I'd need a link to your site to get any more specific. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
autoxtreme Posted February 29, 2008 Author Posted February 29, 2008 Thats great! Images show up apart from on the secure pages! No warning box anymore!! lol This will probably sound like a really stupid question, but when I changed the configure.php file to link to the SSL, how does the store know what pages to secure and what pages can just be left normal. I didnt specify any pages, it just somehow know to secure the account pages. How?!! lol
germ Posted February 29, 2008 Posted February 29, 2008 The osC coders just have it embedded in the code to use SSL on the pages where "sensitive" information is exchanged, if SSL is available. ;) If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
autoxtreme Posted February 29, 2008 Author Posted February 29, 2008 Impresive stuff! Just out of interest, is it possible to do anything so I can keep one of the images, or is that only possible if I had access to a secure folder on the server to link images to?
germ Posted February 29, 2008 Posted February 29, 2008 Well, I was looking an your response here: The SSL cert I am using is a shared one from my host so I dont have access to a secure folder to link these pictures to so they are just in the usual /catalog/images folder. I would think that anything in your own /catalog/images folder should be able to be linked to even in HTTPS mode without any warnings. If you have the links "hard coded" as "HTTP", that might be the problem. If you want you can PM me the code you're using on the "problem images", and I may be able to offer something that would work even in SSL mode. If you examine the HTML source for your site, it will have a line similar to this: <base href="https://yoursite.com/"> So, if you code the image something like this: <img src="catalog/images/picture.jpg"> Your browser takes the "base href" and adds the code for the image, and comes up with something like this: <img src="https://yoursite.com/catalog/images/picture.jpg"> for the image links so they stay secure. That help any? :unsure: If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
autoxtreme Posted February 29, 2008 Author Posted February 29, 2008 Its a great help, although getting slightly technical for my level of knowledge! I will send you a pm it that is ok :o) Thanks a lot for the help so far
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.