Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

Logging into the Admin Section Securely?

soupgfx

By soupgfx
in Security

Recommended Posts

soupgfx

soupgfx

Posted
Posted

Hi. I have client who keeps asking me how she can log into her admin section securely. At the bottom left hand side of the admin start screen is a little box that warns her that she is, "you are not protected by a secure SSL connection". Even though we have a legit SSL security certificate.

 

Can someone let me know if there is a certain procedure for her to login correctly or am I missing something in the setup process?

 

Thank you for any information on this.

Link to comment
Share on other sites
germ

germ

Posted
Posted

Hi. I have client who keeps asking me how she can log into her admin section securely. At the bottom left hand side of the admin start screen is a little box that warns her that she is, "you are not protected by a secure SSL connection". Even though we have a legit SSL security certificate.

 

Can someone let me know if there is a certain procedure for her to login correctly or am I missing something in the setup process?

 

Thank you for any information on this.

Tell her to access the admin with the correct HTTPS URL.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites
  • 2 weeks later...
soupgfx

soupgfx

Posted
  • Author
Posted

Weird... When logging in, it automatically switches to the normal http://www... but after I log in and manually input the "s" after the http it switches to the secure method. It's just weird that it won't stay in https mode while I log in.

 

 

 

Tell her to access the admin with the correct HTTPS URL.

Link to comment
Share on other sites
germ

germ

Posted
Posted

Weird... When logging in, it automatically switches to the normal http://www... but after I log in and manually input the "s" after the http it switches to the secure method. It's just weird that it won't stay in https mode while I log in.

The only way I can think of that would explain that is a rewrite rule in a .htaccess file.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites
mdtaylorlrim

♥mdtaylorlrim

Posted
Posted

In /catalog/admin/configure.php change:

 

define('HTTP_SERVER', 'http://www.yourdomain.com');

define('HTTP_CATALOG_SERVER', 'http://www.yourdomain.com');

 

to:

 

define('HTTP_SERVER', 'https://yourdomain.com');

define('HTTP_CATALOG_SERVER', 'https://yourdomain.com');

 

 

Be sure you do not mess with the configure.php in the /catalog/includes/ folder. THEN log in using the proper https://yourdomain.com

Community Bootstrap Edition, Edge

 

Avoid the most asked question. See How to Secure My Site and How do I...?

Link to comment
Share on other sites
web-project

web-project

Posted
Posted

In /catalog/admin/configure.php change:

 

define('HTTP_SERVER', 'http://www.yourdomain.com');

define('HTTP_CATALOG_SERVER', 'http://www.yourdomain.com');

 

to:

 

define('HTTP_SERVER', 'https://yourdomain.com');

define('HTTP_CATALOG_SERVER', 'https://yourdomain.com');

 

 

Be sure you do not mess with the configure.php in the /catalog/includes/ folder. THEN log in using the proper https://yourdomain.com

 

after updating the configure.php file, simply add the following:

 

Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://yourdomain.com%{REQUEST_URI}

 

to your .htaccess in admin folder and the http protocol will be redirected to https.

Please read this line: Do you want to find all the answers to your questions? click here. As for contribution database it's located here!

8 people out of 10 don't bother to read installation manuals. I can recommend: if you can't read the installation manual, don't bother to install any contribution yourself.

Before installing contribution or editing/updating/deleting any files, do the full backup, it will save to you & everyone here on the forum time to fix your issues.

Any issues with oscommerce, I am here to help you.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...