chrometweaks.org

Looking for a better registrar than iPage (fast)?

Click Here To View All Answers...


My question is Looking for a better registrar than iPage (fast)? Hoping for any comment. Another quick question... I have bothg xecure and non-secure side of OSC. I want my client to use the admin features on the SSL only. I have uploaded all necessary files to the SSL folder but all the links created refer back to non-SSL area..

Is it the /admin/includes/configure.php I need to change, and if so what/how??..

Comments (68)

Good question... I dunno what is the answer. I'll do some investigation and get back to you if I discover an good answer. You should email the people at iPage as they probably could assist you..

Comment #1

Two changes. One, in admin/includes/configure.php, set the HTTP_SERVER define to be your https URL. This will make all the links within admin secure..

Second, in admin/index.php, add the following just after the require of application_top.php:.

If ($_SERVER['HTTPS'] != "on" && substr(HTTP_SERVER, 0, 5) == 'https')  {.

  header("Location: ".tep_href_link(FILENAME_DEFAULT));.

}..

Comment #2

Thanks, nicely done.

What does the bit added to index.php do exactly??..

Comment #3

If you access the admin panel with an http URL, it redirects to https. Try it...

Comment #4

Alternatively, if you are running apache and have access to httpd.conf, in your non-ssl virtual host config add:.

Redirect /catalog/admin/.

Https://www.mystore.com/catalog/admin/.

Make sure and add it near the top, above any <Directory> blocks..

This prevents any bypassing of ssl access to /admin/, unlike altering index.php...

Comment #5

Also removed the admin directory on the non-SSL as well, just to be sure...

Comment #6

I have bothg xecure and non-secure side of OSC. I want my client to use the admin features on the SSL only. I have uploaded all necessary files to the SSL folder but all the links created refer back to non-SSL area..

Is it the /admin/includes/configure.php I need to change, and if so what/how??..

Comment #7

Anyone?.

If, for example, my store is here.

Http://www.mystore.com.

And my SSL stuff is here.

Https://www.mystore.com.

, my admin pages are also supposed to be here.

Https://www.mystore.com/admin/.

But on the index.php in the admin area all the links refer back to.

Http://www.mystore.com.

..

I need to have the admin functions available ONLY on SSL side of the site...

Comment #8


This question was taken from a support group/message board and re-posted here so others can learn from it.