How to make the whole site https secured

Post Reply
justme
Posts: 10
Joined: Wed Jul 11, 2012 2:21 pm

How to make the whole site https secured

Post by justme » Sun Aug 16, 2015 1:39 pm

Is the a way to secure an entire site so that get a better sense of security

My site is http://dealo.com.au

TIA

User avatar
IP_CAM
Posts: 6408
Joined: Tue Mar 04, 2014 1:37 am
Location: Switzerland
Contact:

Re: How to make the whole site https secured

Post by IP_CAM » Mon Aug 17, 2015 4:50 am

look here to find many answers to this:
https://www.google.com/search?q=update+ ... 8&oe=utf-8
Ernie
Ernie's OpenShop 1.5.6.5 with the free responsive OC Bootstrap 3 Theme:
http://www.evelo.li
Image

User avatar
Dhaupin
Posts: 814
Joined: Tue May 13, 2014 3:45 am
Location: PA
Contact:

Re: How to make the whole site https secured

Post by Dhaupin » Tue Aug 18, 2015 3:43 am

We made a mod here that takes care of all the little things needed to run https, multistore friendly: http://www.opencart.com/index.php?route ... n_id=19396 Sorry it doesnt work with 2.x yet, been so stinking busy....

Or, alternatively you can use cloudflare with a forced page rule, but you might still need that mod for relative assets and the header switching

User avatar
JAY6390
Posts: 5032
Joined: Wed May 26, 2010 11:47 pm
Location: United Kingdom
Contact:

Re: How to make the whole site https secured

Post by JAY6390 » Thu Oct 22, 2015 6:40 pm

The simplest solution is to simply open your config file and add an 's' to the 'http://' changing it to 'https://' for all the necessary urls
ImageImageImage

SEO MEGA KIT PLUS - Get your site ranking higher in the search engines
Better Product SEO URL's - Perfectly structured product links
SEO URL's Route Editor PRO - Make ANY url on your site have clean keywords - even third party extensions (remove index.php)


Image

GraemeH
Posts: 55
Joined: Fri Apr 20, 2012 4:56 pm

Re: How to make the whole site https secured

Post by GraemeH » Thu Oct 29, 2015 10:27 pm

JAY6390 wrote:The simplest solution is to simply open your config file and add an 's' to the 'http://' changing it to 'https://' for all the necessary urls
Hi Jay,

I was told there were also some core files that needed to be changed for this?

herischarles
Posts: 11
Joined: Wed Nov 04, 2015 1:54 pm
Location: canada
Contact:

Re: How to make the whole site https secured

Post by herischarles » Wed Nov 04, 2015 2:32 pm

You can make your whole site https secured by adding this following code in your .htaccess file:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yoursite.com/$1 [R,L]
</IfModule>

User avatar
JAY6390
Posts: 5032
Joined: Wed May 26, 2010 11:47 pm
Location: United Kingdom
Contact:

Re: How to make the whole site https secured

Post by JAY6390 » Thu Nov 05, 2015 3:39 am

@GraemeH - That's not true

@herischarles - that would actually cause some major issues with things like payment gateway callbacks and some forms being submitted
ImageImageImage

SEO MEGA KIT PLUS - Get your site ranking higher in the search engines
Better Product SEO URL's - Perfectly structured product links
SEO URL's Route Editor PRO - Make ANY url on your site have clean keywords - even third party extensions (remove index.php)


Image

paynetech
Posts: 17
Joined: Wed Apr 01, 2015 12:16 am

Re: How to make the whole site https secured

Post by paynetech » Mon Mar 07, 2016 10:47 pm

herischarles wrote:You can make your whole site https secured by adding this following code in your .htaccess file:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yoursite.com/$1 [R,L]
</IfModule>
Works beautifully but I can confirm it breaks OpenBay Pro. I even tried all workarounds which excluded openbaypro traffic (under their instruction) but to no avail. Ended up using the config.php "add an s to the http url" hack, works great. Still possible for old links to route to non ssl, and this in turn breaks font loading etc. but as long as you fix all the links and google isn't indexing old links you should be grand.

User avatar
paulfeakins
Posts: 770
Joined: Mon Aug 22, 2011 11:01 pm
Location: Reigate, Surrey, United Kingdom
Contact:

Re: How to make the whole site https secured

Post by paulfeakins » Fri Mar 11, 2016 6:16 pm

paynetech wrote:Works beautifully but I can confirm it breaks OpenBay Pro.
I agree with Jay, I don't recommend anyone uses that method.
paynetech wrote:Ended up using the config.php "add an s to the http url" hack, works great.

This is not a hack, this is a good solution.
paynetech wrote:Still possible for old links to route to non ssl, and this in turn breaks font loading etc. but as long as you fix all the links and google isn't indexing old links you should be grand.
Correct, you'll need to make sure that all 3rd party external resources you're loading are also being loaded over HTTPS. This could be fonts, JavaScript libraries, widgets etc.

You should also add this to .htaccess:

Code: Select all

RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
For quick, professional OpenCart support please email info@antropy.co.uk

User avatar
burrito
Posts: 246
Joined: Tue Dec 15, 2009 6:10 pm
Location: Amsterdam, The Netherlands
Contact:

Re: How to make the whole site https secured

Post by burrito » Fri Mar 11, 2016 6:19 pm

easiest way for loading external content is to use leading // instead of http:// or https:// it'll use the correct protocol either way.
Image
Opencart specialist | Our website | Our modules

dmsims
Posts: 166
Joined: Sat Apr 13, 2013 6:05 pm

Re: How to make the whole site https secured

Post by dmsims » Sun Mar 13, 2016 4:30 am

If you alter the config files and don't use a redirect how are inbound links handled ?

User avatar
IP_CAM
Posts: 6408
Joined: Tue Mar 04, 2014 1:37 am
Location: Switzerland
Contact:

Re: How to make the whole site https secured

Post by IP_CAM » Sun Mar 13, 2016 8:49 am

this could possibly be of help as well, to handle 'inbound' links:

Full Site HTTPS OC v.1.5.6 - 2.1.0.2 free
http://www.opencart.com/index.php?route ... n_id=25769

Ernie
openshop.li
Ernie's OpenShop 1.5.6.5 with the free responsive OC Bootstrap 3 Theme:
http://www.evelo.li
Image

User avatar
paulfeakins
Posts: 770
Joined: Mon Aug 22, 2011 11:01 pm
Location: Reigate, Surrey, United Kingdom
Contact:

Re: How to make the whole site https secured

Post by paulfeakins » Mon Mar 14, 2016 6:05 pm

dmsims wrote:If you alter the config files and don't use a redirect how are inbound links handled ?
The answer's in the question - they don't get redirected ;)

However, all links on the page will be https, so once they click something they'll be on https.
For quick, professional OpenCart support please email info@antropy.co.uk

davidcropley
Posts: 38
Joined: Thu Jul 12, 2012 2:18 am

Re: How to make the whole site https secured

Post by davidcropley » Thu Jun 09, 2016 6:11 am

I believe the best way is to create a mirror of your site and have https traffic rerouted to this directory. This was you keep both http and https versions to avoid errors. Don't ask me the best way to do this though - I don't know! :drunk:

calderwood
Posts: 21
Joined: Tue Jan 03, 2012 7:59 am
Location: Shrewsbury, NJ

Re: How to make the whole site https secured

Post by calderwood » Tue Jan 10, 2017 8:02 am

Works beautifully but I can confirm it breaks OpenBay Pro. I even tried all workarounds which excluded openbaypro traffic (under their instruction) but to no avail. Ended up using the config.php "add an s to the http url" hack, works great. Still possible for old links to route to non ssl, and this in turn breaks font loading etc. but as long as you fix all the links and google isn't indexing old links you should be grand.[/quote]

Did you ever solve this problem? We have the same with OpenBay broken and OB support says it is the use of SSL
I wonder if the sun is shining outside?

bellafred
Posts: 2
Joined: Sun Dec 18, 2016 5:46 pm
Location: Forster
Contact:

Re: How to make the whole site https secured

Post by bellafred » Mon Jan 16, 2017 4:35 pm

Thank you for this information.

Post Reply

Return to “Security & Server”

Who is online

Users browsing this forum: No registered users and 8 guests