brideoflinux Posted January 14, 2004 Share Posted January 14, 2004 From within my store, SSL is working fine. Customers get a secure connection as soon as they try to login to their account or checkout. Good so far! However, when I go to admin, I am not protected by SSL, which is a potential problem, since I access customer information (like the first and last numbers of their credit cards) from admin. If I go to admin by using https://mysite.com/admin, I loginto a secure connection, but as soon as I click to go to "Orders" the secure connection is gone. What do I need to hack to get admin to connect using a secure connection? Thank you, Christine Link to comment Share on other sites More sharing options...
Guest Posted January 14, 2004 Share Posted January 14, 2004 it is not hack, there are a few things you will need to do. first, in the admin/includes/configure.php file, the first line where it is most likely now http://yoursite.com needs to be https://yoursite.com and then the admin section will be in ssl. however, it can still be access by non-ssl, it should point you back to the ssl side, but sometimes some server configurations do not do that. i have an article on how to secore a folder so only ssl is available, it is too large for me to post, even though i have tried numerous times. it is on ftp.recoverdata.com and is titled htaccesinfo.txt (less than 1k) it explains forcing ssl on a folder. Link to comment Share on other sites More sharing options...
brideoflinux Posted January 14, 2004 Author Share Posted January 14, 2004 Thank you so much! Making the change in the admin/includes/configure.php file did the trick! I appreciate your help very much! Christine :D Link to comment Share on other sites More sharing options...
tammy507 Posted January 15, 2004 Share Posted January 15, 2004 I have shared SSL, any idea how I can secure my admin???? Is it the same proceedure or do I need to do something different? Thanks Tammy Link to comment Share on other sites More sharing options...
Guest Posted January 15, 2004 Share Posted January 15, 2004 basically it is the same Tammy, other than you need to follow your host procedures pointing to the proper link for SSL Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.