Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SECURE ADMIN, NOT NEW BUT STILL NEED HELP


okie

Recommended Posts

Ok, I know there are hundreds of posts on this. They all have the same answer . I have moved my site to a dedicated server. Installed an ssl certificate. Here are my config. files:

 

admin config.

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'https://www.sunglasses-oklahoma.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTP_CATALOG_SERVER', 'https://www.sunglasses-oklahoma.com');

define('HTTPS_CATALOG_SERVER', 'https://www.sunglasses-oklahoma.com');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

define('DIR_FS_DOCUMENT_ROOT', '/home/sunglass/public_html/shop/'); // where the pages are located on the server

define('DIR_WS_ADMIN', '/shop/admin/'); // absolute path required

define('DIR_FS_ADMIN', '/home/sunglass/public_html/shop/admin/'); // absolute pate required

 

cat. config.

/ Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.sunglasses-oklahoma.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.sunglasses-oklahoma.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'sunglasses-oklahoma.com');

define('HTTPS_COOKIE_DOMAIN', 'sunglasses-oklahoma.com');

define('HTTP_COOKIE_PATH', '/shop/');

define('HTTPS_COOKIE_PATH', '/shop/');

define('DIR_WS_HTTP_CATALOG', '/shop/');

define('DIR_WS_HTTPS_CATALOG', '/shop/');

 

I can type in http and it goes to the http folder, if I type it https then it goes to the secure area. So how do you get it to go to the secure area when you enter plain www.blabla/blabla/admin???

 

 

Thanks

Link to comment
Share on other sites

Try

Redirect permanent /admin/ https://www.sunglasses-oklahoma.com/admin/

inside the part of your httpd.conf that listens on port 80. Note: you don't need to change anything for the part that listens on 443.

 

Documentation here.

 

Hth,

Matt

Link to comment
Share on other sites

Thanks Matt.

 

Now my admin is in my secure area. It showes the lock and even says it is secured. I had read post after post and nobody that I have seen suggested this solution. This would fix most every post listed about securing the admin area.

 

Thanks again, Kevin

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...