I'm having the following problem:
I'm using the latest version of OpenCart (2.2) with SSL on my server. I've configured it to use SSL (Settings->Server) and changed the HTTPS configurations in the main config.php and admin/config files, and the website turned into a mess. The HTTPS mode works, but a lot of content is still served as HTTP. Some requests are being made with HTTP, and the form actions are pointing to HTTP URI's.
I want to use only HTTPS in my website.
So, my question is: Did i forget something, or is it a bug?
Thank you.
That is the 'copy-paste' question that everyone makes.florinsith wrote:By default in opencart only the checkout, account, affiliate and admin pages are secured, the main website url is still on http because the http server in config uses http://. If you want https accross the entire website you need to change the http_server to use https:// as well.
I've already done that. I've tried almost everything about OpenCart. When you request the website in HTTPS, there are some content that is server through HTTP.
But it is true and correct.BlueKore wrote:That is the 'copy-paste' question that everyone makes.florinsith wrote:By default in opencart only the checkout, account, affiliate and admin pages are secured, the main website url is still on http because the http server in config uses http://. If you want https accross the entire website you need to change the http_server to use https:// as well.
I've already done that. I've tried almost everything about OpenCart. When you request the website in HTTPS, there are some content that is server through HTTP.
What you can do (and should) is adding a few lines to your .htaccess and
1. rerouting http://www.sites to non-www
2. rerouting http-calls (port 80) to https (443 -ssl)
With both I have several customers serving all sites per https - no matter how you will call them.
Full Stack Web Developer :: Dedicated OpenCart Development & Support DACH Region
Contact for Custom Work / Fast Support.
Opencart Hosting Plans, Domain Registration, Microsoft and Google Email and More
Visit our website for great deals and most importantly, fast and friendly support - www.evolvewebhost.com
It is a least a developer code oversight or misunderstanding on how it should work in the real world. At the most, a lack of proper testing...
It was changed to be incorrect - http://forum.opencart.com/viewtopic.php ... 22#p606922
NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart
- * Enabled SSL in the settings
* Changed the HTTPS_SERVER property in /config.php
* Changed the HTTPS_SERVER and HTTPS_CATALOG properties in /admin/config.php
When I try to login I get a browser warning that the form data will be sent in clear text.
I have also tried to enable the included .htaccess (by removing .txt from the filename).
Same problem.
This was a clean install.
This worked fine with the exact same domains with the 1.5.6.4 version.
Set
Code: Select all
$_['site_ssl'] = false;
Code: Select all
$_['site_ssl'] = true;
Reason: Added code tags.
Thanks, this indeed works for SSL and the Admin panel. this just reinforces my thoughts that they do not test these things or rely on those that do...
NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart
From what I see in url->link , what I wrote above isnt relevant anymore in 2.2florinsith wrote:By default in opencart only the checkout, account, affiliate and admin pages are secured, the main website url is still on http because the http server in config uses http://. If you want https accross the entire website you need to change the http_server to use https:// as well.
daniGo wrote:Look in upload/system/config/catalog.php and upload/system/config/admin.php.
Set
$_['site_ssl'] = false;
to
$_['site_ssl'] = true;
Selling Kristik - Jasa Foto Aura - Kapas Vapor - supplier baju anak -
If you want the entire site as https, do you need to redirect http to https in the .htaccess file?
I don't see why that should be necessary.
But it seems most pages, even with SSL enabled, and the HTTPS urls specified, are returned as HTTP
This causes the icons not to load properly, and an unknown error.
It's incredibly difficult finding proper guidance on how to properly serve an entire OpenCart 2.2.0 installation through HTTPS.
Thanks
Code: Select all
if ($this->ssl && $secure) {
$url = 'https://' . $_SERVER['HTTP_HOST'] . rtrim(dirname($_SERVER['SCRIPT_NAME']), '/.\\') . '/index.php?route=' . $route;
} else {
$url = 'http://' . $_SERVER['HTTP_HOST'] . rtrim(dirname($_SERVER['SCRIPT_NAME']), '/.\\') . '/index.php?route=' . $route;
}
Code: Select all
$url = 'https://' . $_SERVER['HTTP_HOST'] . rtrim(dirname($_SERVER['SCRIPT_NAME']), '/.\\') . '/index.php?route=' . $route;
Code: Select all
if ($this->ssl && $secure) {
$url = 'https://' . $_SERVER['HTTP_HOST'] . rtrim(dirname($_SERVER['SCRIPT_NAME']), '/.\\') . '/index.php?route=' . $route;
} else {
$url = 'https://' . $_SERVER['HTTP_HOST'] . rtrim(dirname($_SERVER['SCRIPT_NAME']), '/.\\') . '/index.php?route=' . $route;
}
The htaccess redirect should stay for its initial purpose, to redirect to https in case http is explicitly accessed.
You are going to have issues in v2.2.0.0
OpenCart 2.2.0.0 Testing - Issues to Expect...
What to use to get you to SSL
Changes made to correct issues in OpenCart for v2.2.0.x
You have to make all SSL changes...
NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart
Or do we need to run that vQmod XML file?
Why on earth do they release such buggy versions? This is the latest/default release on Softaculous. And it's not fit for purpose.
Thanks
You should NEVER make code changes directly to OpenCart files (hardcode).
Buggy releases are a result of buggy testing...
NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart
I set all configs to https:// for secure and non-secure, If you go to https://store then add product to cart, them go to cart, it reverts to non-ssl http://store Same in admin will not remain in SSL.
If 2.2 should not be listed as a stable version.
David C.
I wonder if the sun is shining outside?
So you advise to install vQmod:
http://www.opencart.com/index.php?route ... n_id=19501
Then vQmod manager:
http://www.opencart.com/index.php?route ... n_id=19188
And then upload the v2.2.0.x Changes.zip file provided here:
http://www.randemsystems.com/support/op ... t-only%29/
I uploaded the vQmod files, and then did the same for vQmod manager and installed it, but vQmod doesn't seem to be installed.
Under Extensions > Modules > VQMod Manager > Edit
I get:
Required file "vqmod.php" is missing! Please install the latest OpenCart-compatible version of VQMod from https://github.com/vqmod/vqmod/releases and try again.
Previously when installing vQmod I've just used the official github.
What does this extension do?
http://www.opencart.com/index.php?route ... n_id=19501
Do I also need to upload a vqmod.php file?
Sorry, I don't find the instructions clear.
I can't believe any of this is necessary with a "stable" release.
We normally recommend OpenCart, but I don't see how we can with it in this state.
One can expect this from some hobbyist forum software or the like, but not the most recommended shopping cart software after Magento.
Any help much appreciated.
NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart
I tried with:
Code: Select all
if ($this->ssl && $secure) {
$url = 'https://' . $_SERVER['HTTP_HOST'] . rtrim(dirname($_SERVER['SCRIPT_NAME']), '/.\\') . '/index.php?route=' . $route;
} else {
$url = 'https://' . $_SERVER['HTTP_HOST'] . rtrim(dirname($_SERVER['SCRIPT_NAME']), '/.\\') . '/index.php?route=' . $route;
}
In admin --> setting: use SSL: true
In both config.php files all urls are set to HTTPS.
Admin works fine.
Frontend almost except when you decent into a category it goes completely wrong.
Problem: stylesheet path. All other path seems to be okay but the stylesheet for for instance:
https://www.mydomain.com/desktops/mac
shows in source code: <link href="catalog/view/theme/default/stylesheet/stylesheet.css" rel="stylesheet">
BUT it seems to be loaded from: desktops/catalog/view/theme/default/stylesheet/stylesheet.css
......
anyone an idea/solution to this strange problem?
these days stores should just load fine in 100% HTTPS.
Users browsing this forum: No registered users and 63 guests