Guest Posted July 8, 2003 Share Posted July 8, 2003 This is probably a quick fix, so if anyone could help, I'd appreciate it. When I sign into my admin site, the box to the bottom left is telling me my site isn't secure. I typed the secure path in when prompted during installation. I can enter the site in a secure mode when I enter the address manually, but then all the links go to unsecure sites. Where can I fix this issue? Thanks for your help! Link to comment Share on other sites More sharing options...
jcroson Posted July 8, 2003 Share Posted July 8, 2003 The top of your admin/includes/configure.php should contain the following lines: define('HTTP_SERVER', 'https://www.yourdomain.com'); // eg, http://localhost or - https://localhost should not be NULL for productive servers define('HTTP_CATALOG_SERVER', 'http://www.yourdomain.com'); define('HTTPS_CATALOG_SERVER', 'https://www.yourdomain.com'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module Make sure that the HTTP_SERVER var is https. JC John Croson Technology Operations Manager Racine Art Museum Link to comment Share on other sites More sharing options...
jcroson Posted July 8, 2003 Share Posted July 8, 2003 I forgot to mention that you should also secure your admin directory using .htaccess (Apache), if you don't have access to the server config files. Mine is like this in the httpd.conf: # Only allow traffic from our net, and site1ip # and then only when authenticated, cause I'm a freak like that...:) <Directory /your/path/to/admin> Order deny,allow Deny from all Allow from site1ip anothernet ournet AuthType Basic AuthName "Store Administration" AuthUserFile /your/path/to/.htpasswd require user myadmin Satisfy All </Directory> That's just what I do... JC John Croson Technology Operations Manager Racine Art Museum Link to comment Share on other sites More sharing options...
Guest Posted July 8, 2003 Share Posted July 8, 2003 Getting there little by little... when I click on a link (for instance, configuration), the link is to a secure page (first problem solved, thank you), but all of the images are missing and the formatting is a bit off. Any ideas where to change this? Thank you! Link to comment Share on other sites More sharing options...
davechl Posted July 9, 2003 Share Posted July 9, 2003 Getting there little by little... when I click on a link (for instance, configuration), the link is to a secure page (first problem solved, thank you), but all of the images are missing and the formatting is a bit off. Any ideas where to change this? Thank you! Hi - I followed the instructions (making sure HTTP_SERVER is defined with "https") but my admin page still says "You are not protected by SSL...". Anywhere else I can check? My images are also broken/missing... David Link to comment Share on other sites More sharing options...
GD Posted July 9, 2003 Share Posted July 9, 2003 Hi davechl, You said: Hi - I followed the instructions (making sure HTTP_SERVER is defined with "https") but my admin page still says "You are not protected by SSL...". Anywhere else I can check? Question, do you have a SSL Certificate installed? If not, you will not be able to work within your admin sections or secure pages of your Web site - under SSL security. Certificates are easy for Web hosts to install and cheap for Webmasters to purchase. I got mine at InstantSSL.com - Their 3 year plan is cheaper than VeriSign's 1 year plans. (Note: I don't work for InstantSSL.com, I'm just a satisfied customer. :D http://www.instantssl.com/ssl-certificate-...instantssl.html After you have your SSL Certificate installed, make sure your admin/includes/configure.php file has a structure like this: // define our webserver variables// FS = Filesystem (physical) // WS = Webserver (virtual) define('HTTP_SERVER', 'https://www.yourdomain.com'); // eg, http://localhost or - https://localhost should not be NULL for productive servers define('HTTPS_SERVER', 'https://www.yourdomain.com'); define('HTTP_CATALOG_SERVER', 'https://www.yourdomain.com'); define('HTTPS_CATALOG_SERVER', 'https://www.yourdomain.com'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module define('ENABLE_SSL', 'true'); // secure webserver for catalog define('DIR_FS_DOCUMENT_ROOT', '/home/your_username/public_html'); // where your pages are located on the server. if $DOCUMENT_ROOT doesnt suit you, replace with your local path. (eg, /usr/local/apache/htdocs) And in your catalog/includes/configure.php: // Define the webserver and path parameters// * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://www.yourdomain.com'); // eg, http://localhost or - https://localhost should not be NULL for productive servers define('HTTPS_SERVER', 'https://www.yourdomain.com'); define('ENABLE_SSL', 'true'); // secure webserver for catalog define('DIR_FS_DOCUMENT_ROOT', '/home/your_username/public_html'); // where your pages are located on the server. if $DOCUMENT_ROOT doesnt suit you, replace with your local path. (eg, /usr/local/apache/htdocs) Works for me. I run my admin section under full SSL and on the catalog side - several pages, such as the login page. Good luck! Running osC - 2.2MS2. P.S. Please don't ask for a link to my site, it is on a production server and not available for the general public, yet! Link to comment Share on other sites More sharing options...
jcroson Posted July 9, 2003 Share Posted July 9, 2003 Don't forget to update your shortcuts to the admin area, i.e. from http://mysite/admin to https://mysite/admin...otherwise you won't connect using SSL..... :) John Croson Technology Operations Manager Racine Art Museum Link to comment Share on other sites More sharing options...
Guest Posted July 13, 2003 Share Posted July 13, 2003 Hi there I just wanted to say thank you, because of you and this thread I was able to secure the admin page of my new E-Store I am trying to develop. AWESOME Thank you all. Jeremy R. Viccari Sr. LAN WAN Engineer www.elitelan.com www.elitelan.com/estore/catalog Link to comment Share on other sites More sharing options...
Guest Posted July 14, 2003 Share Posted July 14, 2003 I can get to my main admin page with my ssl, but if I click on any other links it reverts to http:.... is there something I havnt changed? Doug Link to comment Share on other sites More sharing options...
Guest Posted July 14, 2003 Share Posted July 14, 2003 got it, didnt have the first line set to https... Doug Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.