Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SSL Admin Page


Guest

Recommended Posts

Hi All

 

I have searched all over but can't seem to find an answer. When I log into admin in the lower left hand corner it shows that the admin page is not being loaded using SSL. Below is the code for the admin config.php file.

 

define('HTTP_SERVER', 'http://mydomainname.com'); // eg, http://localhost - should not be empty for productive servers
 define('HTTP_CATALOG_SERVER', 'http://mydomainname.com');
 define('HTTPS_CATALOG_SERVER', 'https://www.secure-server05.com/~username');
 define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

 

I edited my other config.php and the checkout is working using SSL. I am lost can't see what is screwed up hopefully someone else can see it.

Link to comment
Share on other sites

In your admin/includes/configure.php, set HTTP_SERVER to be your HTTPS URL base.

Tried that and it didn't work still not getting SSL.

Link to comment
Share on other sites

Actually now only the first page in admin isn't secure. Once I pick a category to go and work on then it's secured. Is this OK or is it a security issue for my site?

Link to comment
Share on other sites

A lot of people obsess about protecting their admin folder with ssl.

 

Now, I'm not saying it's a bad thing but it's fairly trivial. ssl provides an encrypted data transmission. That is to say that it stops some "evil doer" from reading the data stream to and from the server.

 

Just how much data does anyone send to the admin section that anyone else would want?

 

Someone's going to steal your product uploads or something like that? In fact the only thing I would consider at all sensitive is the download of the partial cc number if you're using the basic cc module.

 

ssl in no way makes your server itself safer. It does not add additional password protection, or firewall protection, it's only an encrypted data link, no more, no less.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

I have the same issue with the SSL. Everything is secure on my site and all of the pages in the admin panel are secure but the very first admin page.

I wasn't really too concerned eiter but my client may be.

If anyone knows the trick to getting the first admin page secure it would be appreciated.

 

Joe

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...