Guest Posted September 22, 2014 Share Posted September 22, 2014 Hi I'm just trying to secure the admin side through shared SSL/secure server but just can't get it to work.I got it to work fine in BS2334 but not in BS234. Ive included the part of the admin configure.php file and was wondering if someone could take a quick look and tell me what I need to do to get it to work. The site is www.grandpas.co.nz/bootstrapV2. Ive been trying to sort this out for the past week, but to no avail. define('HTTP_SERVER', 'https://grandpas.co.nz/~grandpas'); define('HTTPS_SERVER', 'https://hornet.mysecure.co.nz/~grandpas'); define('ENABLE_SSL', true); define('HTTP_COOKIE_DOMAIN', ''); define('HTTPS_COOKIE_DOMAIN', ''); define('HTTP_COOKIE_PATH', '/admin'); define('HTTPS_COOKIE_PATH', '/admin'); define('HTTP_CATALOG_SERVER', 'http://hornet.mysecure.co.nz/~grandpas'); define('HTTPS_CATALOG_SERVER', 'https://hornet.mysecure.co.nz/~grandpas'); define('ENABLE_SSL_CATALOG', 'true'); define('DIR_FS_DOCUMENT_ROOT', '/home/grandpas/public_html/bootstrapV2/'); define('DIR_WS_ADMIN', '/bootstrapV2/admin/'); define('DIR_WS_HTTPS_ADMIN', '/bootstrapV2/admin/'); define('DIR_FS_ADMIN', '/home/grandpas/public_html/bootstrapV2/admin/'); define('DIR_WS_CATALOG', '/bootstrapV2'); define('DIR_WS_HTTPS_CATALOG', '/bootstrapV2'); define('DIR_FS_CATALOG', '/home/grandpas/public_html/bootstrapV2/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); The "admin" file has been renamed, and I am aware that a shared cert is not ideal, but will do me for now. Many thanks Grandpa Link to comment Share on other sites More sharing options...
MrPhil Posted September 22, 2014 Share Posted September 22, 2014 This is on a shared SSL server, with a "domain" of https://hornet.mysec...nz/~grandpas/? If you want the admin side to always be under SSL, I would think you'd have to use exactly the same domain for the HTTP side. You can't go doing a "mix and match" with your domain and /~grandpas ... I doubt that directory even exists. Link to comment Share on other sites More sharing options...
Guest Posted September 22, 2014 Share Posted September 22, 2014 Hi @@MrPhil The strange thing is,I only get this problem with BS234 everything worked fine previously in BS2334 Ive tried so many combinations (except finding the one that works. Kind regards .John Link to comment Share on other sites More sharing options...
♥joli1811 Posted September 22, 2014 Share Posted September 22, 2014 You look way mixed up there ?? To improve is to change; to be perfect is to change often. Link to comment Share on other sites More sharing options...
♥joli1811 Posted September 22, 2014 Share Posted September 22, 2014 Now really rough just think you are missing a bit I do not understand why the ~ is on the normal server but who knows maybe help maybe confuse a bit more :D <?php define('HTTP_SERVER', 'http:// www.grandpas.co.nz/'); define('HTTPS_SERVER', 'https:// www.grandpas.co.nz/');//not sure put your SSL here/////////// define('ENABLE_SSL', true); define('HTTP_COOKIE_DOMAIN', ''); define('HTTPS_COOKIE_DOMAIN', '');//not sure put your SSL here probably do not need /////////// define('HTTP_COOKIE_PATH', '/bootstrapV2/admin'); //now again not sure may be just /admin define('HTTPS_COOKIE_PATH', '/bootstrapV2/admin');//now again not sure may be just /admin define('HTTP_CATALOG_SERVER', 'http:// www.grandpas.co.nz/'); define('HTTPS_CATALOG_SERVER', 'https:// www.grandpas.co.nz/');//not sure put your SSL here/////////// define('ENABLE_SSL_CATALOG', 'true'); define('DIR_FS_DOCUMENT_ROOT', '/home/grandpas/public_html/bootstrapV2/'); define('DIR_WS_ADMIN', '/bootstrapV2/admin/'); define('DIR_WS_HTTPS_ADMIN', '/bootstrapV2/admin/');//not sure put your SSL here/////////// define('DIR_FS_ADMIN', '/home/grandpas/public_html/bootstrapV2/admin/'); define('DIR_WS_CATALOG', '//bootstrapV2/'); define('DIR_WS_HTTPS_CATALOG', '/bootstrapV2/');//not sure put your SSL here/////////// define('DIR_FS_CATALOG', '/home/grandpas/public_html/bootstrapV2/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); To improve is to change; to be perfect is to change often. Link to comment Share on other sites More sharing options...
Jack_mcs Posted September 22, 2014 Share Posted September 22, 2014 @@grandpa Assuming http://hornet.mysecu...nz is the non-ssl url for the shop side, you need to make these changes: define('HTTP_SERVER', 'https://grandpas.co.nz/~grandpas'); define('HTTPS_SERVER', 'https://grandpas.co.nz/~grandpas'); define('ENABLE_SSL', true); define('HTTP_COOKIE_DOMAIN', ''); define('HTTPS_COOKIE_DOMAIN', ''); define('HTTP_COOKIE_PATH', '/admin'); define('HTTPS_COOKIE_PATH', '/admin'); define('HTTP_CATALOG_SERVER', 'http://hornet.mysecu...nz'); define('HTTPS_CATALOG_SERVER', 'https://grandpas.co.nz/~grandpas'); You may have to clear the cookie paths too. The ~grandpas is the username of the account and is needed when the shared ssl is used since that is the only way the server knows which site it is. It shouldn't be used with the normal (non-ssl) url. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
Guest Posted September 23, 2014 Share Posted September 23, 2014 @@Jack_mcs@@joli1811 Thanks so much for your input. Still unable to get things to work although the URL is correct in the browser - http://www.grandpas.co.nz'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://hornet.mysecure.co.nz/~grandpas'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'www.grandpas.co.nz'); define('HTTPS_COOKIE_DOMAIN', 'hornet.mysecure.co.nz/~grandpas'); define('HTTP_COOKIE_PATH', '/bootstrapV2/'); define('HTTPS_COOKIE_PATH', '/bootstrapV2/'); define('DIR_WS_HTTP_CATALOG', '/bootstrapV2/'); define('DIR_WS_HTTPS_CATALOG', '/bootstrapV2/'); With regard to posts 5 & 6 Ive tried both, Ive tried combinations, still nothing works The current message on the screen is "The page isn't redirecting properly Firefox has detected that the server is redirecting the request for this address in a way that will never complete. This problem can sometimes be caused by disabling or refusing to accept cookies." Im really unsure what to do next as ive spent hours and hours trying to get this to work. Kind regards Grandpa Link to comment Share on other sites More sharing options...
MrPhil Posted September 23, 2014 Share Posted September 23, 2014 Also try the other way for both: https://hornet.mysec...nz/~grandpas. It's very common to see ~AccountName as the first directory on a server for shared SSL, but rare to see it on a normal (non-shared-SSL) server. Link to comment Share on other sites More sharing options...
Jack_mcs Posted September 23, 2014 Share Posted September 23, 2014 @@grandpa I'm confused as whether the problem is with admin or the shop since you mention both. But the shop side is working fine that I can see. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
Guest Posted September 23, 2014 Share Posted September 23, 2014 @@Jack_mcs Sorry for the confusion, the shop part is working fine, I only posted that code as I thought someone might pick something up thats in that code but needs to be also in the admin configure.php file Is there anything else that could potentially cause this problem I am having with securing the admin side thru a secure server. I have got the htaccess file set as follows, ##### OSCOMMERCE ADMIN PROTECTION - BEGIN #####AuthType BasicAuthName "osCommerce Online Merchant Administration Tool"Require valid-user##### OSCOMMERCE ADMIN PROTECTION - END #####AuthUserFile "/home/grandpas/.htpasswds/public_html/bootstrapV2/admin/passwd" ##### OSCOMMERCE ADMIN PROTECTION - BEGIN #####AuthType BasicAuthName "osCommerce Online Merchant Administration Tool"AuthUserFile /home/grandpas/public_html/bootstrapV2/admin/.htpasswd_oscommerceRequire valid-user##### OSCOMMERCE ADMIN PROTECTION - END ##### (Please note that "admin" is not the correct file name now, it has been changed.} Many thanks for your help. Kind regards Grandpa Link to comment Share on other sites More sharing options...
De Dokta Posted September 23, 2014 Share Posted September 23, 2014 I have got the htaccess file set as follows, ##### OSCOMMERCE ADMIN PROTECTION - BEGIN ##### AuthType Basic AuthName "osCommerce Online Merchant Administration Tool" Require valid-user ##### OSCOMMERCE ADMIN PROTECTION - END ##### AuthUserFile "/home/grandpas/.htpasswds/public_html/bootstrapV2/admin/passwd" ##### OSCOMMERCE ADMIN PROTECTION - BEGIN ##### AuthType Basic AuthName "osCommerce Online Merchant Administration Tool" AuthUserFile /home/grandpas/public_html/bootstrapV2/admin/.htpasswd_oscommerce Require valid-user ##### OSCOMMERCE ADMIN PROTECTION - END ##### What a mess! :x It should be either: ##### OSCOMMERCE ADMIN PROTECTION - BEGIN ##### AuthType Basic AuthName "osCommerce Online Merchant Administration Tool" AuthUserFile "/home/grandpas/.htpasswds/public_html/bootstrapV2/admin/passwd" Require valid-user ##### OSCOMMERCE ADMIN PROTECTION - END ##### or: ##### OSCOMMERCE ADMIN PROTECTION - BEGIN ##### AuthType Basic AuthName "osCommerce Online Merchant Administration Tool" AuthUserFile /home/grandpas/public_html/bootstrapV2/admin/.htpasswd_oscommerce Require valid-user ##### OSCOMMERCE ADMIN PROTECTION - END ##### but never ever both in one file! I guess the second version is correct. J.J. Link to comment Share on other sites More sharing options...
Guest Posted September 23, 2014 Share Posted September 23, 2014 @@De Dokta Hi JJ Many thanks, at least thats tidied that up Cheers Grandpa Link to comment Share on other sites More sharing options...
Jack_mcs Posted September 23, 2014 Share Posted September 23, 2014 Please post your admins configure file again, minus the login. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
MrPhil Posted September 23, 2014 Share Posted September 23, 2014 If your hosting service control panel offers a "one button" way to password protect a directory (and its children), use that in preference to what osC ships. It (your host's control panel) is much more likely to be fully compatible with your server than some generic code shipped by an application (osC). Link to comment Share on other sites More sharing options...
Guest Posted September 23, 2014 Share Posted September 23, 2014 @@Jack_mcs Hi Heres my configure.php file, the strange thing is that in BS2334 everything worked fine thru the secure server. Has only "stopped" working since upgrade to BS234 <?php define('HTTP_SERVER', 'http://grandpas.co.nz'); define('HTTPS_CATALOG_SERVER', 'https://hornet.mysecure/~grandpas'); define('ENABLE_SSL_CATALOG', 'true'); define('DIR_FS_DOCUMENT_ROOT', '/home/grandpas/public_html/bootstrapV2/'); define('DIR_WS_ADMIN', '/bootstrapV2/admin/'); define('DIR_WS_HTTPS_ADMIN', '/bootstrapV2/admin/');//don't know whether this is correct define('DIR_FS_ADMIN', '/home/grandpas/public_html/bootstrapV2/admin/'); define('DIR_WS_CATALOG', '/bootstrapV2/'); define('DIR_WS_HTTPS_CATALOG', '/bootstrapV2/'); define('DIR_FS_CATALOG', '/home/grandpas/public_html/bootstrapV2/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); Many thanks Grandpa Link to comment Share on other sites More sharing options...
Jack_mcs Posted September 23, 2014 Share Posted September 23, 2014 Try changing define('HTTP_SERVER', 'https://grandpas.co.nz'); to define('HTTP_SERVER', 'https://hornet.mysecure/~grandpas'); Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
Guest Posted September 24, 2014 Share Posted September 24, 2014 @@Jack_mcs Tried that, still no go. I did try to add additional security thru passwording the "admin" section via the control panel, but it seems that for that to work you can't htacces password in oscommerce. I now get the browser message that firefox can't find hornet.mysecure. When I take a look at the admin thru BS2334 there's no problem, so Im wondering if the problem maybe in the new code for BS234 somewhere. It appears that the urlis correct as I have also asked for comment from the web sites host. What next, I don't know. Maybe stick with BS2334 Look forward to your comments Cheers John Link to comment Share on other sites More sharing options...
♥joli1811 Posted September 24, 2014 Share Posted September 24, 2014 define('HTTP_SERVER', 'https://grandpas.co.nz'); can never be right because you are writing https:/ on define('HTTP_SERVER Would not worry to much it does just seem to be a configure problem using a test shop If the SSL is set up to use define('HTTPS_CATALOG_SERVER', 'https://hornet.mysecure/~grandpas'); maybe he simply does not want to go to/ https://hornet.mysecure/~grandpas'); /bootstrapV2 To improve is to change; to be perfect is to change often. Link to comment Share on other sites More sharing options...
Guest Posted September 24, 2014 Share Posted September 24, 2014 @@joli1811 Hi John "Would not worry to much it does just seem to be a configure problem using a test shop" I don't seem to have this problem with BS2334 test shop I have, the problem I have is when I use BS234. Interesting. Cheers John Link to comment Share on other sites More sharing options...
♥joli1811 Posted September 24, 2014 Share Posted September 24, 2014 define('HTTPS_SERVER', ''); //test define('ENABLE_SSL', false); //turn to true define('HTTP_COOKIE_DOMAIN', '');//forget at the minute define('HTTPS_COOKIE_DOMAIN', '');//forget at the minute define('HTTP_COOKIE_PATH', '');//forget at the minute define('HTTPS_COOKIE_PATH', '');//forget at the minute and define('DIR_WS_HTTPS_ADMIN', '/admin/');//test are the changes in 2.3.4 so just isolate and play about with the test settings To improve is to change; to be perfect is to change often. Link to comment Share on other sites More sharing options...
Jack_mcs Posted September 24, 2014 Share Posted September 24, 2014 define('HTTP_SERVER', 'https://grandpas.co.nz'); can never be right because you are writing https:/ on define('HTTP_SERVER It's not right because the domain doesn't have an ssl in this case. Otherwise, when an ssl is used in admin, whether it is shared or private, 'HTTP_SERVER' should always be set to https. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
Jack_mcs Posted September 24, 2014 Share Posted September 24, 2014 @@grandpa The configure file changed with the latest version so you can't use the one from the previous version. If your control panel offers an installation option, I suggest you install using that and then see how it sets up the configure file. I think the problem is probably that you don't have the username in the right places. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
Guest Posted September 24, 2014 Share Posted September 24, 2014 @@Jack_mcs Thanks for all your help. The control panel our host uses still installs the old 2.3.1 version. Might ask them when they are going to up date. Cheers Grandpa Link to comment Share on other sites More sharing options...
danil0 Posted October 4, 2014 Share Posted October 4, 2014 Hello I m starting the 2.3.4 version and I stack on ADMIN configure.php define('HTTP_SERVER', 'http://www.xxxxxxxx.com'); // eg, http://localhost or - https://localhost should not be NULL for productive servers define('HTTPS_SERVER', ''); define('ENABLE_SSL', false); define('HTTP_COOKIE_DOMAIN', ''); define('HTTPS_COOKIE_DOMAIN', ''); define('HTTP_COOKIE_PATH', ''); define('HTTPS_COOKIE_PATH', ''); define('HTTP_CATALOG_SERVER', 'http://www.xxxxxxxxx.com/e-shop'); define('HTTPS_CATALOG_SERVER', ''); define('ENABLE_SSL_CATALOG', 'false'); // secure webserver for catalog module define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT); // where your pages are located on the server. if $DOCUMENT_ROOT doesnt suit you, replace with your local path. (eg, /usr/local/apache/htdocs) define('DIR_WS_ADMIN', '/e-shop/trikala/'); define('DIR_WS_HTTPS_ADMIN', ''); define('DIR_FS_ADMIN', DIR_FS_DOCUMENT_ROOT . DIR_WS_ADMIN); define('DIR_WS_CATALOG', '/e-shop/'); define('DIR_WS_HTTPS_CATALOG', ''); define('DIR_FS_CATALOG', DIR_FS_DOCUMENT_ROOT . DIR_WS_CATALOG); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); please do you see any obvious mistake ?? am I blind or something?? I get the "to many redirections" error!! Link to comment Share on other sites More sharing options...
danil0 Posted October 5, 2014 Share Posted October 5, 2014 help please! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.