OpenCart Community

This is the weirdest thang? also applicable for OC v2.x

If I force https in .htaccess The front end is working fine, but I can't get into the (admin) back end. Just loops and doesn't log in.

If I gently force SSL The back end is working, but the front end is not secure for card processing.

Now, I'm not a programmer, but take advice from GitHub and Stackoverflow.
Also using OC for 10 yrs building up a bit of knowledge. (Oops, me anniversary is in 5 days. )

My Q is, is there any fool proof (.htaccess) way to sort this? Sick and tired of trying ...

Have a wonderful weekend you lot!

Jay

NB: OC2.x 7.2php; OC4.x 8.1php

Hi!

I think if you replace http:// with https:// in your config.php files, all would work fine.

My config files look like this???
BTW https://open.spotify.com/track/7EVQCaC9 ... 48d8ed4fed

dragonfly-ie wrote: ↑

Sat Nov 04, 2023 4:24 am

My config files look like this???

Code: Select all

<?php
// HTTP
define('HTTP_SERVER', 'http://kites-ireland.com/');

// HTTPS
define('HTTPS_SERVER', 'https://kites-ireland.com/');

replaced

Thanks a bunch.

Strangely enough it only works on the oc_v4, but not for v2 ... ? Msg: This is a none secure form (to log into admin) loops again, no log in.

PS: was trying to update from v2.2.0.0. to latest 4.0.x but seems a mess. So did a new clean install of v4.

My only solution seems to be to change .htaccess every time I want to log into admin .... ? but if I do, no-one can pay by secure card payment on front page. sucks.

EDIT: removed URLs

Make sure you update config.php and admin/config.php to use https for all URLs.

Are you saying remove above code from .htaccess
and concentrate on config.php ONLY?
Btw reminds me of MS-DOS on my first computers in the 80's, config & exec files.

Still gives me "This form is not secure" when trying to log into admin. (even the URL is https://...) ?

Any ideas what could cause this or how to fix it?
(Happened since I installed a back-up from an earlier date ...)

Cheers. Jay.

The .htaccess should not affect the admin login at all. Unless you have an error there. You could disable the rules to test.

You need to make sure that you update both the config.php and admin/config.php to use https for all URLs.

That should work for 4.0.x. For 2.2.0.0 you may also need to make sure site_ssl is set to true on both system/config/admin.php and upload/system/config/catalog.php if not already.

To make the whole of the catalog use https then you may also need to change the following line to use https.
https://github.com/opencart/opencart/bl ... rl.php#L18

Then view source or inspect the admin login page in your web browser and check all URL start with https.

ADD Creative wrote: ↑

Sat Nov 04, 2023 11:02 pm

For 2.2.0.0 you may also need to make sure site_ssl is set to true on both system/config/admin.php and /system/config/catalog.php if not already.

Cheers. Worked a treat.
'site_ssl' was set to false in both files.
Seems to have fixed the whole catalog as well.

Thanks a million.

dragonfly-ie wrote: ↑

Sat Nov 04, 2023 4:00 am

My Q is, is there any fool proof (.htaccess) way to sort this? Sick and tired of trying ...

Yep, bookmark this badboy: https://www.antropy.co.uk/blog/how-to-r ... and-https/