A2 Hosting
16 posts Page 1 of 1
by justme » Sun Aug 16, 2015 1:39 pm
Is the a way to secure an entire site so that get a better sense of security

My site is http://dealo.com.au

TIA
by IP_CAM » Mon Aug 17, 2015 4:50 am
Make your OC v.1.5.6.x look and act like an OC-2 for free !
Ernie's OpenShop 1.5.6.5 with the genious free responsive OC Bootstrap 3 Theme:
http://www.hitline.info/
Image
by Dhaupin » Tue Aug 18, 2015 3:43 am
We made a mod here that takes care of all the little things needed to run https, multistore friendly: http://www.opencart.com/index.php?route ... n_id=19396 Sorry it doesnt work with 2.x yet, been so stinking busy....

Or, alternatively you can use cloudflare with a forced page rule, but you might still need that mod for relative assets and the header switching
by JAY6390 » Thu Oct 22, 2015 6:40 pm
The simplest solution is to simply open your config file and add an 's' to the 'http://' changing it to 'https://' for all the necessary urls
ImageImageImage

SEO MEGA KIT PLUS - Get your site ranking higher in the search engines
Better Product SEO URL's - Perfectly structured product links
SEO URL's Route Editor PRO - Make ANY url on your site have clean keywords - even third party extensions (remove index.php)


Image
by GraemeH » Thu Oct 29, 2015 10:27 pm
JAY6390 wrote: The simplest solution is to simply open your config file and add an 's' to the 'http://' changing it to 'https://' for all the necessary urls


Hi Jay,

I was told there were also some core files that needed to be changed for this?
by herischarles » Wed Nov 04, 2015 2:32 pm
You can make your whole site https secured by adding this following code in your .htaccess file:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yoursite.com/$1 [R,L]
</IfModule>
by JAY6390 » Thu Nov 05, 2015 3:39 am
@GraemeH - That's not true

@herischarles - that would actually cause some major issues with things like payment gateway callbacks and some forms being submitted
ImageImageImage

SEO MEGA KIT PLUS - Get your site ranking higher in the search engines
Better Product SEO URL's - Perfectly structured product links
SEO URL's Route Editor PRO - Make ANY url on your site have clean keywords - even third party extensions (remove index.php)


Image
by paynetech » Mon Mar 07, 2016 10:47 pm
herischarles wrote: You can make your whole site https secured by adding this following code in your .htaccess file:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yoursite.com/$1 [R,L]
</IfModule>


Works beautifully but I can confirm it breaks OpenBay Pro. I even tried all workarounds which excluded openbaypro traffic (under their instruction) but to no avail. Ended up using the config.php "add an s to the http url" hack, works great. Still possible for old links to route to non ssl, and this in turn breaks font loading etc. but as long as you fix all the links and google isn't indexing old links you should be grand.
by paulfeakins » Fri Mar 11, 2016 6:16 pm
paynetech wrote: Works beautifully but I can confirm it breaks OpenBay Pro.

I agree with Jay, I don't recommend anyone uses that method.

paynetech wrote: Ended up using the config.php "add an s to the http url" hack, works great.

This is not a hack, this is a good solution.

paynetech wrote: Still possible for old links to route to non ssl, and this in turn breaks font loading etc. but as long as you fix all the links and google isn't indexing old links you should be grand.

Correct, you'll need to make sure that all 3rd party external resources you're loading are also being loaded over HTTPS. This could be fonts, JavaScript libraries, widgets etc.

You should also add this to .htaccess:
Code: Select all
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
For quick, professional OpenCart support please email info@antropy.co.uk
by burrito » Fri Mar 11, 2016 6:19 pm
easiest way for loading external content is to use leading // instead of http:// or https:// it'll use the correct protocol either way.
Image
Opencart specialist | Our website | Our modules
by dmsims » Sun Mar 13, 2016 4:30 am
If you alter the config files and don't use a redirect how are inbound links handled ?
by IP_CAM » Sun Mar 13, 2016 8:49 am
this could possibly be of help as well, to handle 'inbound' links:

Full Site HTTPS OC v.1.5.6 - 2.1.0.2 free
http://www.opencart.com/index.php?route=extension/extension/info&extension_id=25769

Ernie
openshop.li
Make your OC v.1.5.6.x look and act like an OC-2 for free !
Ernie's OpenShop 1.5.6.5 with the genious free responsive OC Bootstrap 3 Theme:
http://www.hitline.info/
Image
by paulfeakins » Mon Mar 14, 2016 6:05 pm
dmsims wrote: If you alter the config files and don't use a redirect how are inbound links handled ?

The answer's in the question - they don't get redirected ;)

However, all links on the page will be https, so once they click something they'll be on https.
For quick, professional OpenCart support please email info@antropy.co.uk
by davidcropley » Thu Jun 09, 2016 6:11 am
I believe the best way is to create a mirror of your site and have https traffic rerouted to this directory. This was you keep both http and https versions to avoid errors. Don't ask me the best way to do this though - I don't know! :drunk:
by calderwood » Tue Jan 10, 2017 8:02 am
Works beautifully but I can confirm it breaks OpenBay Pro. I even tried all workarounds which excluded openbaypro traffic (under their instruction) but to no avail. Ended up using the config.php "add an s to the http url" hack, works great. Still possible for old links to route to non ssl, and this in turn breaks font loading etc. but as long as you fix all the links and google isn't indexing old links you should be grand.[/quote]

Did you ever solve this problem? We have the same with OpenBay broken and OB support says it is the use of SSL
I wonder if the sun is shining outside?
by bellafred » Mon Jan 16, 2017 4:35 pm
Thank you for this information.
16 posts Page 1 of 1
Who is online

Users browsing this forum: No registered users and 3 guests

A2 Hosting