Hi,
What can I do to automatically load all pages of the site in https instead of just the checkout and account pages?
Would this be unwise for any reason?
thanks!
u just need edit your config.php in admin folder and the same config.php in your OC roothillfingerr wrote:Hi,
What can I do to automatically load all pages of the site in https instead of just the checkout and account pages?
Would this be unwise for any reason?
thanks!
this two line :
// HTTPS
define('HTTPS_SERVER', 'http://
define('HTTPS_CATALOG', 'http://
change in :
// HTTPS
define('HTTPS_SERVER', 'https://
define('HTTPS_CATALOG', 'https://
https://www.opencartitalia.org
Consulenza,Sviluppo Extension per: Opencart,Magento,Prestahop,Wordpress,Ocart,Zencart,Joomla,Multimerch e SEO Specialist Certified
Info e Contatti
To be able to load ALL pages (as requested) via HTTPS you need a bit more than only editing the 2 config.php.
Full Stack Web Developer :: Dedicated OpenCart Development & Support DACH Region
Contact for Custom Work / Fast Support.
That's right! I already have those lines in both my config.php.
OSWorX, can you please elaborate on what I need to make this happen?
Thanks in advance.
OSWorX, can you please elaborate on what I need to make this happen?
Thanks in advance.
but did u have installed a SSL certificate in your OC store?
https://www.opencartitalia.org
Consulenza,Sviluppo Extension per: Opencart,Magento,Prestahop,Wordpress,Ocart,Zencart,Joomla,Multimerch e SEO Specialist Certified
Info e Contatti
Yes, I do have a SSL certificate installed and kicks in and working just fine for the checkout and user account pages, but I want it to work for all pages automatically, not by manually haveing to add an "s" after http in the browser url area.
ok try that open your both config.php
for admin config.php rename this two line
<?php
// HTTP
define('HTTP_SERVER', 'http:
define('HTTP_CATALOG', 'http:
rename in :
// HTTP
define('HTTP_SERVER', 'https:
define('HTTP_CATALOG', 'https:
--------------------------------------------------------------------
for root config.php
<?php
// HTTP
define('HTTP_SERVER', 'http:
rename in
<?php
// HTTP
define('HTTP_SERVER', 'https:
try this i'm not sure
for admin config.php rename this two line
<?php
// HTTP
define('HTTP_SERVER', 'http:
define('HTTP_CATALOG', 'http:
rename in :
// HTTP
define('HTTP_SERVER', 'https:
define('HTTP_CATALOG', 'https:
--------------------------------------------------------------------
for root config.php
<?php
// HTTP
define('HTTP_SERVER', 'http:
rename in
<?php
// HTTP
define('HTTP_SERVER', 'https:
try this i'm not sure
https://www.opencartitalia.org
Consulenza,Sviluppo Extension per: Opencart,Magento,Prestahop,Wordpress,Ocart,Zencart,Joomla,Multimerch e SEO Specialist Certified
Info e Contatti
https://www.opencartitalia.org
Consulenza,Sviluppo Extension per: Opencart,Magento,Prestahop,Wordpress,Ocart,Zencart,Joomla,Multimerch e SEO Specialist Certified
Info e Contatti
Thank you for your answer. This solves it and now I also have the answer to what the downside of doing this might be.
If your running the whole site in https there might be certaing content that is considered unsecure and automatically blocked therefore loosing functionality. I'm guessing that's why opencart restricted the use of https to just the user account and the checkout process.
Here's an extract from Chrome:
"If you're visiting a site via a secure connection, Google Chrome will verify that the content on the webpage has been transmitted safely. If it detects certain types of content on the page coming from insecure channels, it can automatically prevent the content from loading and you'll see a shield icon Insecure content shield icon appearing in the address bar. By blocking the content and possible security gaps, Chrome protects your information on the page from falling into the wrong hands."
Best regards,
Gabriel
If your running the whole site in https there might be certaing content that is considered unsecure and automatically blocked therefore loosing functionality. I'm guessing that's why opencart restricted the use of https to just the user account and the checkout process.
Here's an extract from Chrome:
"If you're visiting a site via a secure connection, Google Chrome will verify that the content on the webpage has been transmitted safely. If it detects certain types of content on the page coming from insecure channels, it can automatically prevent the content from loading and you'll see a shield icon Insecure content shield icon appearing in the address bar. By blocking the content and possible security gaps, Chrome protects your information on the page from falling into the wrong hands."
Best regards,
Gabriel
Theory if you use subs/multis: On top of the config thoughts, this may work as well to help (untested currently, dont have SSL on a test store). This is assuming that you have a subdomain set as primary store root in preparation for attachments of multistore addon domains.
In www/your-oc-install/htaccess, mask all temp urls then tell the http_host that it should resolve to https:
Then if you run multistores, goto the store settings and enter the https:// base URL for both fields, then turn SSL on. Combined with the config settings, this should help to force https://.
A note about Chrome not loading insecure content or making the yellow broken lock -- be sure to prefix your images/media/calls/etc with either an "https://" to ONLY load via SSL, or use "//" to let it pick and choose between SSL or normal http mode. If configs are set right, and https:// defined there, utility or json urls should accent this correctly.
So a call for an image in code would look like:
SSL Always => https://www.example.com/image/data/my-image.png
SSL On Demand => //www.example.com/image/data/my-image.png
SSL Never => http://www.example.com/image/data/my-image.png
In www/your-oc-install/htaccess, mask all temp urls then tell the http_host that it should resolve to https:
Code: Select all
RewriteCond %{HTTP_HOST} ^store\.example\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.store\.example\.com$ [OR]
RewriteCond %{HTTP_HOST} ^store\.com$
RewriteRule ^(.*)$ "https\:\/\/www\.store\.com\/$1" [R=301,L]
RewriteCond %{HTTPS_HOST} ^store\.example\.com$ [OR]
RewriteCond %{HTTPS_HOST} ^www\.store\.example\.com$ [OR]
RewriteCond %{HTTPS_HOST} ^store\.com$
RewriteRule ^(.*)$ "https\:\/\/www\.store\.com\/$1" [R=301,L]A note about Chrome not loading insecure content or making the yellow broken lock -- be sure to prefix your images/media/calls/etc with either an "https://" to ONLY load via SSL, or use "//" to let it pick and choose between SSL or normal http mode. If configs are set right, and https:// defined there, utility or json urls should accent this correctly.
So a call for an image in code would look like:
SSL Always => https://www.example.com/image/data/my-image.png
SSL On Demand => //www.example.com/image/data/my-image.png
SSL Never => http://www.example.com/image/data/my-image.png
https://creadev.org | support@creadev.org - Opencart Extensions, Integrations, & Development. Made in the USA.
I can't add an SSL URL to the admin>system>settings>multi store URL>edit>SSL URL on the general tab.
when I do, all I get is 'page cannot be found!' and am unable to save it
What is causing this?
when I do, all I get is 'page cannot be found!' and am unable to save it
What is causing this?
Who is online
Users browsing this forum: No registered users and 84 guests
