Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Moving over to SSL catalog


Peper

Recommended Posts

I'm trying now for first time to implement SSL to our catalog

 

Please help me out as I don't find any clear help on what needs to be https when customer is logged in

 

When customer logs in, my shop is https, when going to products it's http

All the other links except like logout, my account, order history and so is https

 

My config.php - xampp test server

 

  define('HTTP_SERVER', 'http://localhost');
 define('HTTPS_SERVER', 'https://localhost');
 define('ENABLE_SSL', true);
 define('HTTP_COOKIE_DOMAIN', 'http://localhost/');
 define('HTTPS_COOKIE_DOMAIN', 'https://localhost/');
 define('HTTP_COOKIE_PATH', '/shop/');
 define('HTTPS_COOKIE_PATH', '/shop/');
 define('DIR_WS_HTTP_CATALOG', '/shop/');
 define('DIR_WS_HTTPS_CATALOG', '/shop/');

Getting the Phoenix off the ground

Link to comment
Share on other sites

Hi Pierrre

You have it set up correctly, SSL is only to protect pages with sensitive info like sign up, log in, checkout pages, there is no reason to have SSL on any other page with one exception perhaps of the contact us page its not necessary but customers like to see you take care with their security and privacy.

A good idea is to have your admin folder SSL protected as this is the place where all of the info on your store and your clients is kept

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

Hi Pierrre

You have it set up correctly, SSL is only to protect pages with sensitive info like sign up, log in, checkout pages, there is no reason to have SSL on any other page with one exception perhaps of the contact us page its not necessary but customers like to see you take care with their security and privacy.

A good idea is to have your admin folder SSL protected as this is the place where all of the info on your store and your clients is kept

Nic

Thanks for quick reply

 

Got me worried for a second though

So SSL is intended for the checkout part only?

Moving between SSL and NONSSL safe to say, must it work like this?

Getting the Phoenix off the ground

Link to comment
Share on other sites

yes its a parameter of the link to invoke SSL so the cart takes care of it all store side

a link to SSL looks like

 

<?php echo tep_href_link(FILENAME_LOGOFF, '', 'SSL'); ?>

 

 

if it were just HTTP would look like

 

<?php echo tep_href_link(FILENAME_LOGOFF); ?>

 

 

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

Need some more advice

 

My shop is currently located at shop.site.com

 

Is it possible when moving over to SSL the checkout part that the browser link changes to secure.site.com or something in that line

 

Good or bad??

Getting the Phoenix off the ground

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...