Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

Logging into the Admin Section Securely?

soupgfx

By soupgfx
in Security

Recommended Posts

soupgfx

soupgfx

Posted
Posted

Hi. I have client who keeps asking me how she can log into her admin section securely. At the bottom left hand side of the admin start screen is a little box that warns her that she is, "you are not protected by a secure SSL connection". Even though we have a legit SSL security certificate.

 

Can someone let me know if there is a certain procedure for her to login correctly or am I missing something in the setup process?

 

Thank you for any information on this.

germ

germ

Posted
Posted

Hi. I have client who keeps asking me how she can log into her admin section securely. At the bottom left hand side of the admin start screen is a little box that warns her that she is, "you are not protected by a secure SSL connection". Even though we have a legit SSL security certificate.

 

Can someone let me know if there is a certain procedure for her to login correctly or am I missing something in the setup process?

 

Thank you for any information on this.

Tell her to access the admin with the correct HTTPS URL.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

  • 2 weeks later...
soupgfx

soupgfx

Posted
  • Author
Posted

Weird... When logging in, it automatically switches to the normal http://www... but after I log in and manually input the "s" after the http it switches to the secure method. It's just weird that it won't stay in https mode while I log in.

 

 

 

Tell her to access the admin with the correct HTTPS URL.

germ

germ

Posted
Posted

Weird... When logging in, it automatically switches to the normal http://www... but after I log in and manually input the "s" after the http it switches to the secure method. It's just weird that it won't stay in https mode while I log in.

The only way I can think of that would explain that is a rewrite rule in a .htaccess file.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

mdtaylorlrim

♥mdtaylorlrim

Posted
Posted

In /catalog/admin/configure.php change:

 

define('HTTP_SERVER', 'http://www.yourdomain.com');

define('HTTP_CATALOG_SERVER', 'http://www.yourdomain.com');

 

to:

 

define('HTTP_SERVER', 'https://yourdomain.com');

define('HTTP_CATALOG_SERVER', 'https://yourdomain.com');

 

 

Be sure you do not mess with the configure.php in the /catalog/includes/ folder. THEN log in using the proper https://yourdomain.com

Community Bootstrap Edition, Edge

 

Avoid the most asked question. See How to Secure My Site and How do I...?

web-project

web-project

Posted
Posted

In /catalog/admin/configure.php change:

 

define('HTTP_SERVER', 'http://www.yourdomain.com');

define('HTTP_CATALOG_SERVER', 'http://www.yourdomain.com');

 

to:

 

define('HTTP_SERVER', 'https://yourdomain.com');

define('HTTP_CATALOG_SERVER', 'https://yourdomain.com');

 

 

Be sure you do not mess with the configure.php in the /catalog/includes/ folder. THEN log in using the proper https://yourdomain.com

 

after updating the configure.php file, simply add the following:

 

Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://yourdomain.com%{REQUEST_URI}

 

to your .htaccess in admin folder and the http protocol will be redirected to https.

Please read this line: Do you want to find all the answers to your questions? click here. As for contribution database it's located here!

8 people out of 10 don't bother to read installation manuals. I can recommend: if you can't read the installation manual, don't bother to install any contribution yourself.

Before installing contribution or editing/updating/deleting any files, do the full backup, it will save to you & everyone here on the forum time to fix your issues.

Any issues with oscommerce, I am here to help you.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...