OpenCart Community

Hi all,
I need to be able to force SSL on my sensitive information pages like Checkout, Account and Admin pages. I already have SSL working fine in my cart and admin pages but want to be able to make them only use SSL. For example if I go directly to http://www.mysite.com/checkout then I can checkout without using https (SSL) and I am not redirected back to the https version. Would be great if this was a feature in an upcoming release.
Thanks!

Using version 1.5.1

so you want to save a customer who works very hard at giving away sensitive information from being able to do so? I don't really see the big deal. There is no legitimate way to get to those pages in an unsecure manner, so if someone wants to type it in and send their information unsecured let them.

but if you are that worried about it. It should not be too hard to create a .htaccess rule to redirect to ssl.

Xsecrets wrote:It should not be too hard to create a .htaccess rule to redirect to ssl.

Would be great if all of the checkout pages, account pages, including viewcart could all redirect to ssl

How should the .htaccess be written for this?

Is there a way to make this work with SEF Urls as well?

Does the following .htaccess code from another thread help?
http://forum.opencart.com/viewtopic.php?t=58025

Thanks

Hello,

Was there ever a solution to this?

Thanks,

Mike

Same here.. not happening on its own and not all the time.. cart will not go into checkout.. seems to be SSL/Host related but not getting anywhere with them at the moment.

Check this thread. There is a .htaccess script posted in there that will force SSL on account, checkout and admin pages.

http://forum.opencart.com/viewtopic.php?t=4336



Regards,
Joel.

Thanks Joel..

Had tried some of the hta mods but didn't work.. had to put the whole site into SSL just to get around it for now while I transfer to a real host provider. I am sure that will resolve it as well as many other issues I had. Sometimes the cheapest isn't always the best and when it comes to sales can't afford to take chances anymore. I do believe there is something with the server config or SSL but they just say they look ok.

Cheers,
Stan

OpenCart Addons wrote:Check this thread. There is a .htaccess script posted in there that will force SSL on account, checkout and admin pages.

http://forum.opencart.com/viewtopic.php?t=4336



Regards,
Joel.

i didn't find the htaccess stuff in the thread mentioned, would you mind posting it in the current thread?

thanks

Check this post & host thread.. do yourself a favor if you are having these issues or any issues in general with speed and your current host and make the change ASAP for your benefit. http://forum.opencart.com/viewtopic.php ... 24#p386924

http://www.wxhosting.com

In the end I used this extension which I already has installed to redirect the pages I wanted from 'http'' to 'https':
http://www.opencart.com/index.php?route ... on_id=5388

Sorry for the late response. Here's what I have inserted into my .htaccess file:


Regards,
Joel.

thanks, will give it a go

btw, think this could be extended to force ssl for a particular product (but not all):

http://demo.opencart.com/index.php?rout ... duct_id=49

thanks