Post by torp » Mon May 07, 2018 9:51 pm

Hi everyone,

Have a SSL secured store installed in a sub-folder , it is an OpenCart 2.2, folder is password protected. When trying to access it, being asked twice to authenticate, gets annoying
.
First time I can see that it is Http: authentication
Second time is Https:

I have .htaccess file in root folder (/public_html/) and in sub folder (/public_html/store/)

.htaccess root
RewriteEngine on

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

RewriteCond %{HTTP_HOST} ^hosted\.maindomain\.co$ [OR]
RewriteCond %{HTTP_HOST} ^www\.hosted\.maindomain\.co$
RewriteRule ^/?$ "https\:\/\/www\.secureserver\.net\/\?prog_id\=123456" [R=301,L]


.htaccess store folder
RewriteEngine on

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

AuthType Basic
AuthName "Sorry... This Site is for Autorized-Only B2B Access - This is a Password Protected Area ***"

AuthUserFile /home/maindomain/public_html/store/.htpasswd
Require valid-user


I saw 2 possible source of issue (1) two .htaccess files seen by Appache and gets confused (2) there might be a force ssl strict command to only accept authentication on https: thus bypassing http: request

I just dont have the proper command for the SSLStrict SSL commands to put in the proper .htaccess file

Anyone? Other methods via cPanel?
Hosting a GoDaddy.

Thanks,

Joce


Newbie

Posts

Joined
Mon May 07, 2018 9:37 pm
Location - Montreal, Qc Canada

Post by acx » Wed May 09, 2018 1:16 pm

htpasswd authentication is a server directive, not related to Opencart.

When you visit this password-protected page for the first session, is the URL or bookmark you are accessing with, http?

Code: Select all

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
Because if you are, once the server detects access by http, you have it set to redirect to https with this rule. ^

This is likely the culprit of why you are being prompted twice. Make them both https and you should only be prompt once.

Extensions I've made (free):

Breadcrumbs for 2.3.0.2 & 3.0.2.0 Breadcrumb links for subcategories & parent category on product pages
Product Requests Allow customers to request notifications for sold out products
Abandoned Carts Send inquiries to abandoned carts to complete checkout or provide feedback
Ghost Orders Cleanup residue left behind by one page checkout addons


acx
New member

Posts

Joined
Wed Mar 21, 2018 8:39 am


Post by torp » Thu May 10, 2018 12:05 am

the request is made to https:// we have configured a sub-domain pointing to the https:// server directly i.e. store.domain.com points to https server IP, then redirect to the store folder (via cPanel)

Joce


Newbie

Posts

Joined
Mon May 07, 2018 9:37 pm
Location - Montreal, Qc Canada

Post by torp » Tue May 15, 2018 7:27 am

here it is

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

Joce


Newbie

Posts

Joined
Mon May 07, 2018 9:37 pm
Location - Montreal, Qc Canada

Post by torp » Tue May 15, 2018 7:30 am

I have those two lines in my two .htaccess

the one from the root (/public_html)
and the one from the store folder (/public_html/stoe_folder) which is password protected

Joce


Newbie

Posts

Joined
Mon May 07, 2018 9:37 pm
Location - Montreal, Qc Canada

Post by kokolino » Tue May 15, 2018 12:04 pm

hello admin won't start/open right after finish smooth installetion it say wrong iuser alto details are correct please advice

Newbie

Posts

Joined
Wed Jan 11, 2017 3:05 am
Who is online

Users browsing this forum: Baidu [Spider] and 15 guests