Jump to content

Archived

This topic is now archived and is closed to further replies.

Simplyeasier

The SSL In OsCommerce Guide For The Innocent

Recommended Posts

wait wait wait, CitizenZed, are you trying to resolve my issues or asking helps? I say this, is because i'm confusing when i reading your reply. :P

 

Oh crap.... sorry smithveg. I've been having my own nightmares. Yeah, trying to fix my own problems.

Share this post


Link to post
Share on other sites
Oh crap.... sorry smithveg. I've been having my own nightmares. Yeah, trying to fix my own problems.

 

I'm not sure why you want to do the complicated thing to set up SSL. I would suggest you to have a read at,

http://forums.oscommerce.com/index.php?showtopic=151162

 

Jus give a reply if you need more helps. And i will come back to you after 5 hours, I go study, bye :P


****

Hello World! ^.^ I'm a Internet naive. Browse my working profile

Malaysia Web Services - OPerion Website Marketing System

Share this post


Link to post
Share on other sites
Ok I have a proplem when I goto a secured part it comes up 404 page not found what am i dont wrong.

 

I had the same problem, read this forum 3 times, spent hours and hours trying to figure it out. Turns out, my host hadn't fully completed the install. I hate Midphase.


Ebaby.ca - Toothbrush.ca - Halitosis.ca - Templatemonster.ca - Adultfriendfinders.ca

Share this post


Link to post
Share on other sites
I had the same problem, read this forum 3 times, spent hours and hours trying to figure it out. Turns out, my host hadn't fully completed the install. I hate Midphase.

 

THe problem was the host. They had not configured it properly. But now I get the certificate error. My admin is secure in Firefox but not in ie7, I get the secure non secure crap and the unsecure logo, it looked more secure before I got this certificate error.

 

Belz.


Ebaby.ca - Toothbrush.ca - Halitosis.ca - Templatemonster.ca - Adultfriendfinders.ca

Share this post


Link to post
Share on other sites
I had the same problem, read this forum 3 times, spent hours and hours trying to figure it out. Turns out, my host hadn't fully completed the install. I hate Midphase.

 

Hi, i'm not much understand in this and cannot give you any solutions in it. Since you spent lots of time in forum. You can try to PM some people. :)


****

Hello World! ^.^ I'm a Internet naive. Browse my working profile

Malaysia Web Services - OPerion Website Marketing System

Share this post


Link to post
Share on other sites

hey Alan i need u man

 

for

https://storm.secureguards.com/~hellas1/e-shop/env.php i get

 

$HTTP_HOST == storm.secureguards.com

$HTTPS_HOST ==

getenv('SERVER_PORT') == 443

getenv('HTTPS') == on

getenv('HTTP_X_FORWARDED_SERVER') ==

getenv('HTTP_X_FORWARDED_HOST') ==

getenv('HTTP_X_FORWARDED_BY') ==

$_SERVER['HTTPS'] == on

getenv('DOCUMENT_ROOT') == /home/storm/public_html

$DOCUMENT_ROOT == /home/storm/public_html

 

and for

http://www.hellasfon.com/e-shop/env.php i get

 

$HTTP_HOST == www.hellasfon.com

$HTTPS_HOST ==

getenv('SERVER_PORT') == 80

getenv('HTTPS') ==

getenv('HTTP_X_FORWARDED_SERVER') ==

getenv('HTTP_X_FORWARDED_HOST') ==

getenv('HTTP_X_FORWARDED_BY') ==

$_SERVER['HTTPS'] ==

getenv('DOCUMENT_ROOT') == /home/hellas1/public_html

$DOCUMENT_ROOT == /home/hellas1/public_html

 

how will i have all elements in https so that lock in Explorer invokes?

and that "both secure and no secure items" message disappear?

P.S i have the lock when i browse from mozzila

how will i reach /home/storm/public_html

 

any comment will be helpfull ,thanks

Share this post


Link to post
Share on other sites
Thanks, I have tried everything i could find on this thread.

 

Mostly, people seemed to have solved the no admin ssl problem by changing the admin/configure.php file as ffollow:

change the top http server ssetting
define('HTTP_SERVER', 'http://www.mysite.com');
to
define('HTTP_SERVER', 'https://mysite.com');

 

Sadly, this didn't work for me.

 

I tried all types of different configurations too in the config file for admin. nothing works.

 

I even tried the getenv tests that AlanR posted and my server does respond to 'on' so i have no need to change my code in application_top.php.

 

I am still at a loss and have no clue how to simply get the admin ssl working correctly.

 

I followed the instructions on the first post over and over, looking for errors. Obviously that post is good but incomplete in its claims. At least for me...

 

Still looking for a help!

 

here is my admin/configure.php

  define('HTTP_SERVER', 'http://www.mysite.com'); // eg, http://localhost or - https://localhost should not be NULL for productive servers
 define('HTTP_CATALOG_SERVER', 'http://www.mysite.com');
 define('HTTPS_CATALOG_SERVER', 'https://mysite.com');
 define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module
 define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT); // where your pages are located on the server. if $DOCUMENT_ROOT doesnt suit you, replace with your local path. (eg, /usr/local/apache/htdocs)
 define('DIR_WS_ADMIN', '/admin/');
 define('DIR_FS_ADMIN', DIR_FS_DOCUMENT_ROOT . DIR_WS_ADMIN);
 define('DIR_WS_CATALOG', '/catalog/');
 define('DIR_FS_CATALOG', DIR_FS_DOCUMENT_ROOT . DIR_WS_CATALOG);
 define('DIR_WS_IMAGES', 'images/');

 

Chris

 

 

Hi after struggling with this same problem of no ssl in Admin etc I finally solved it using the above solution but I changed the http to https in both admin and catalog configure.php

 

Hope this helps everyone.

Jim

Share this post


Link to post
Share on other sites
I guess I better add this tip here, it's the logical place after all.

 

This is for people who are having trouble getting ssl to work, especially shared ssl. The way I've written it is oriented towards a 1&1 server but its use is general and applies to all servers. It's all about setting line 41 in application_top.php for those cases where the standard query does not work.

 

This is line 41:

 

$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

 

Now that's a very narrow test and lots of servers won't respond with on (or at all) to that. So the trick is to find out how the server does respond.

 

Create a little file, I named it myenv.php, with these lines:

 

<?php
 echo 'HTTP HOST: ' . "$HTTP_HOST";
 echo '<br>Server Port: ' . getenv('SERVER_PORT');
 echo '<br>SSL Status: ' . getenv('HTTPS');
 echo '<br>Fowarded Server: ' . getenv('HTTP_X_FORWARDED_SERVER');
 echo '<br>Fowarded Host: ' . getenv('HTTP_X_FORWARDED_HOST');
 echo '<br>Fowarded By: ' . getenv('HTTP_X_FORWARDED_BY');
?>

 

Brilliant. As others have said, this sorted my problems out. I knew it was the base href for the page that was wrong but didn't know where it was getting it's wrong value from. I'm on 1and1 also. Thanks a lot.

Share this post


Link to post
Share on other sites

hi i bought a ssl certificate fro rapidssl i installed it into my server and had change bnoth admin/include/configure.php and catalog/include/configure.php

 

When i use the https://www.sgonlines.com url what i get is the page cannot be display ... someone please help me

Share this post


Link to post
Share on other sites
hi i bought a ssl certificate fro rapidssl i installed it into my server and had change bnoth admin/include/configure.php and catalog/include/configure.php

 

When i use the https://www.sgonlines.com url what i get is the page cannot be display ... someone please help me

I think you type wrong configuration to both admin/include/configure.php and catalog/include/configure.php

I have RapidSSL too. I'm installed it today and all works perfect. I found that you use .htaccess to secure you directories and your shop have a lot of security shells. post me PM with yours both configure.php or you can read some threads.

Share this post


Link to post
Share on other sites

Hi i just asked my host to help me install the ssl. Catalog is working fine. But when i log into admin and click on all the links under admin it shows 404 error

Share this post


Link to post
Share on other sites
Hi i just asked my host to help me install the ssl. Catalog is working fine. But when i log into admin and click on all the links under admin it shows 404 error

 

this message shown whenever i log into admin page and click on all the links

Share this post


Link to post
Share on other sites

Hi

 

Just installed a new dedicated SSL Cert on my server, all appereared to be working well.

 

The checkout process works as it should, but the customer account pages are not switching to Https ?

 

these pages are not being secured -

 

account.php

account_edit.php

account_history.php

address_book.php

account_notifications.php

Login.php

 

 

But if chose to view my "account_history_info.php" while browsing my account or if I edit any of my info , after i complete the edit and click the continue button it switches to SSL when i return to account.php ????

 

I have the best_login Box mod installed , none of the links from that box take me to a secure page.

 

Also , after completing a test order , after checkout success I return to Index.php which shows as SSL ?? untill i click a link , then it changes back to non-SSL ??

 

Final question ...is the cart contents , shopping_cart.php , supposed to be SSL ?

 

I would really appreciate some help , i have read this whole thread and not found an answer.

 

If it is the links from the log-in box MOD, what should those link contain to get Https ??

 

quick edit - the links from the log-in box look like this

 

'<a href="' . tep_href_link(FILENAME_ACCOUNT_EDIT, '', 'NONSSL') . '">' . LOGIN_BOX_ACCOUNT_EDIT . '</a><br>' .

Share this post


Link to post
Share on other sites

Ok , i just changed

 

'<a href="' . tep_href_link(FILENAME_ACCOUNT_EDIT, '', 'NONSSL') . '">' . LOGIN_BOX_ACCOUNT_EDIT .

'</a><br>' .

 

 

to this

 

 

'<a href="' . tep_href_link(FILENAME_ACCOUNT_EDIT, '', 'SSL') . '">' . LOGIN_BOX_ACCOUNT_EDIT . '</a><br>' .

 

can someone confirm that this is the correct way to do this ?

 

it is working ok now ,

Share this post


Link to post
Share on other sites
I think you type wrong configuration to both admin/include/configure.php and catalog/include/configure.php

I have RapidSSL too. I'm installed it today and all works perfect. I found that you use .htaccess to secure you directories and your shop have a lot of security shells. post me PM with yours both configure.php or you can read some threads.

Hello,

 

I have the excate same problem.. Can you let me know what editing you did with the .htaccess file?

 

I followed all the instructions but i cant get any https pages to load..

 

Thanks

 

Lee.

Share this post


Link to post
Share on other sites
My SSL works fine in the catalog area , but not in ADMIN ??

 

I've read this thread , searched , posted , but had no joy yet.

 

I've run the script posted by alanR , the mynev one , ran it on the https and http and eventually got the result of "443" , so i put that in catalog/includes/application_top.php ..... checked all the other files mentioned, but no joy in scuring the admin area.

 

I log into admin on HTTPS , get the padlock and the "you are protected by an unknown .....blah , blah" then when i enter any admin section other than the first screen i'm back to non-secure ????

any help

 

 

make sure in the admin/includes/configure.php all the http is converted into https

 

define('HTTP_SERVER', 'https://www.yoursite.com/'); // eg, http://localhost - should not be empty for productive servers

define('HTTP_CATALOG_SERVER', 'https://www.yoursite.com/');

define('HTTPS_CATALOG_SERVER', 'https://www.yoursite.com/');

Share this post


Link to post
Share on other sites

You are a true guide!!!! Thank you so much for this information. I've been trying to fix this ssl issue for 9 hours searching and reading through all the stuff.. I guess perseverance does pay off.. again thank you..

 

 

I guess I better add this tip here, it's the logical place after all.

 

This is for people who are having trouble getting ssl to work, especially shared ssl. The way I've written it is oriented towards a 1&1 server but its use is general and applies to all servers. It's all about setting line 41 in application_top.php for those cases where the standard query does not work.

 

This is line 41:

 

$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

 

Now that's a very narrow test and lots of servers won't respond with on (or at all) to that. So the trick is to find out how the server does respond.

 

Create a little file, I named it myenv.php, with these lines:

 

<?php
 echo 'HTTP HOST: ' . "$HTTP_HOST";
 echo '<br>Server Port: ' . getenv('SERVER_PORT');
 echo '<br>SSL Status: ' . getenv('HTTPS');
 echo '<br>Fowarded Server: ' . getenv('HTTP_X_FORWARDED_SERVER');
 echo '<br>Fowarded Host: ' . getenv('HTTP_X_FORWARDED_HOST');
 echo '<br>Fowarded By: ' . getenv('HTTP_X_FORWARDED_BY');
?>

 

If you put that somewhere on the server, probably root and run it like so:

 

https://ssl.shared.com/mydomain.com/myenv.php you'll be able to see how the server responds to these queries. You'll need to change this to fit your situation but you get the idea.

 

Some dedicated ssls respond with a 1 instead of on to No. 3 for example.

 

Shared servers may respond differently to 4 & 5 but 1&1 gives the same response to both.

 

Once you know how the server answers these queries you can figure out the best solution for line 41 in application_top.php.

 

If, for example, you have a dedicated ssl and query 3 returns a 1 then you simply change line 41 to:

 

$request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';

 

Frequently on shared servers you'll get no response at all to getenv('HTTPS'). This is where the other responses are useful (and most people have problems).

 

For example shared 1&1 returns ssl.perfora.net to queries 4 and 5. So setting line 41 line as below does the trick (I'm commenting out the original line for reference).

 

// $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

$request_type = (getenv('HTTP_X_FORWARDED_HOST') == 'ssl.perfora.net') ? 'SSL' : 'NONSSL';

 

Here's another case:

 

The standard ssl port for dedicated ssl is 443 (the standard http port is 80). I've seen dedicated ssl which returns no response for getenv('HTTPS') but does return a 443. In this case you can set line 41, testing for port 443, like so:

 

$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

 

The best way to use the script is to run it in both http and https environments and look at the differences in the responses. You want to pick a response which is unique to ssl (your https connection), it's no use to pick something which stays the same in both modes, you want to pick something to make a switch.

Share this post


Link to post
Share on other sites

I've scoured this thread to no avail, I think I'm going crazy...my admin is secure, but I can't get my catalog secured (unless I just type in https).

 

When I change my shop/includes/configure.php to enable SSL the file mysteryiously changes itself back to the way it was when I access the website! Thoughts?

 

Thanks, Jon

Share this post


Link to post
Share on other sites
I've scoured this thread to no avail, I think I'm going crazy...my admin is secure, but I can't get my catalog secured (unless I just type in https).

 

When I change my shop/includes/configure.php to enable SSL the file mysteryiously changes itself back to the way it was when I access the website! Thoughts?

 

Thanks, Jon

 

make sure that you set the define('HTTPS_SERVER'... with a url starting with https just like below.

 

define('HTTP_SERVER', 'http://www.pedronandson.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.pedronandson.com'); // eg, https://localhost - should not be empty for productive servers

Share this post


Link to post
Share on other sites
make sure that you set the define('HTTPS_SERVER'... with a url starting with https just like below.

 

define('HTTP_SERVER', 'http://www.pedronandson.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.pedronandson.com'); // eg, https://localhost - should not be empty for productive servers

 

 

STUPID ME! Ignore my previous post! I just realized that I had not given myself write permission on the offending file. When I did that everything worked perfectly!

 

Thanks all!

Share this post


Link to post
Share on other sites

I just installed an ssl certificate and something really weird happened.

 

The links in the catagories infobox changed from my links to the links from someone elses infobox. The site is someone else's oscommerce site I've never even heard of before. I used godaddy turbo ssl (which is where I'm also hosted) and this site I'm mysteriously linked to uses godaddy turbo ssl too. I wonder if godaddy somehow got some of our files mixed up or what's going on. Has this ever happed to anyone else? I'm really confused about how this could of happened what to do to fix it.


My site: Medieval Swords

Share this post


Link to post
Share on other sites
I just installed an ssl certificate and something really weird happened.

 

The links in the catagories infobox changed from my links to the links from someone elses infobox. The site is someone else's oscommerce site I've never even heard of before. I used godaddy turbo ssl (which is where I'm also hosted) and this site I'm mysteriously linked to uses godaddy turbo ssl too. I wonder if godaddy somehow got some of our files mixed up or what's going on. Has this ever happed to anyone else? I'm really confused about how this could of happened what to do to fix it.

 

I figured out how to fix this. I'm not sure why it did it in the first place but disabling the cache stopped the problem. Strangely enough the cache had been enabled for a while and had never done this before. I still wish I knew why it would do something so weird in the first place.


My site: Medieval Swords

Share this post


Link to post
Share on other sites

Hi All,

 

I have read all this thread and run the tests to find out what my server responds to for SSL detection.

 

However my host seems to have an obscure respone to the SSL request and I cant find a good test for setting the value of the $request_type variable in application_top.php

 

I am now using the $_SERVER['HTTP_HOST'] which responds with the shared ssl server name or the non-ssl name

(https: responds with rpc.secure1.onthenet.net and http: www.rpc.com.au as setup in configure.php)..

 

The results for the test php script posted by AlanR gives me the same port for both SSL and NONSSL connections and no response to the other tests....

 

SSL REQUEST

getenv('SERVER_PORT') == 80 <<<<<<<<<< This is the same for both SSL and NONSSL

getenv('HTTPS') ==

getenv('HTTP_X_FORWARDED_SERVER') ==

getenv('HTTP_X_FORWARDED_HOST') ==

getenv('HTTP_X_FORWARDED_BY') ==

$_SERVER['HTTPS'] ==

getenv('DOCUMENT_ROOT') == /vhosts/rpc.com.au/www

 

So my idea is to detect if it was a secure url by looking at the $_SERVER['HTTP_HOST'] variable.

This may tell me if it a secure page has been called from the configure.php settings for the SSL url or a NONSSL url

 

$_Server['HTTP_HOST'] variables ==rpc.secure1.onthenet.net

or

$_Server['HTTP_HOST'] variables ==www.rpc.com.au

 

Any comments on this trick to get the $request_type variable set to SSL so my padlock is shown!

Share this post


Link to post
Share on other sites

Hey Alan (or anyone else that would like to help),

 

My client is on Yahoo and I have a few issues with a broken SSL lock on the secure pages.

 

I ran myenv.php and changed line 41 in application_top.php to:

 

$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

 

Now, I have a closed lock but my images don't show up. I assume this might have something to do with my config files, but I've read through your posts and can't seem to find a fix.

 

My catalog/includes/configure.php

 

define('HTTP_SERVER', 'http://www.fabulalife.com'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://s.p10.hostingprod.com/@fabulalife.com'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'www.fabulalife.com');
 define('HTTPS_COOKIE_DOMAIN', 's.p10.hostingprod.com');
 define('HTTP_COOKIE_PATH', '/catalog/');
 define('HTTPS_COOKIE_PATH', '/ssl/');
 define('DIR_WS_HTTP_CATALOG', '/catalog/');
 define('DIR_WS_HTTPS_CATALOG', '/ssl/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
 define('DIR_FS_CATALOG', '/catalog/');
 define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
 define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

And admin/includes/configure.php

 

define('HTTP_SERVER', 'http://www.fabulalife.com'); // eg, http://localhost - should not be empty for productive servers
 define('HTTP_CATALOG_SERVER', 'http://www.fabulalife.com');
 define('HTTPS_CATALOG_SERVER', 'https://s.p10.hostingprod.com');
 define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module
 define('DIR_FS_DOCUMENT_ROOT', '/catalog/'); // where the pages are located on the server
 define('DIR_WS_ADMIN', '/catalog/admin/'); // absolute path required
 define('DIR_FS_ADMIN', '/catalog/admin/'); // absolute pate required
 define('DIR_WS_CATALOG', '/catalog/'); // absolute path required
 define('DIR_FS_CATALOG', '/catalog/'); // absolute path required
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
 define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');
 define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');
 define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

 

Any help would be greatly appreciated!

 

Thanks,

Jill

 

I guess I better add this tip here, it's the logical place after all.

 

This is for people who are having trouble getting ssl to work, especially shared ssl. The way I've written it is oriented towards a 1&1 server but its use is general and applies to all servers. It's all about setting line 41 in application_top.php for those cases where the standard query does not work.

 

This is line 41:

 

$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

 

Now that's a very narrow test and lots of servers won't respond with on (or at all) to that. So the trick is to find out how the server does respond.

 

Create a little file, I named it myenv.php, with these lines:

 

<?php
 echo 'HTTP HOST: ' . "$HTTP_HOST";
 echo '<br>Server Port: ' . getenv('SERVER_PORT');
 echo '<br>SSL Status: ' . getenv('HTTPS');
 echo '<br>Fowarded Server: ' . getenv('HTTP_X_FORWARDED_SERVER');
 echo '<br>Fowarded Host: ' . getenv('HTTP_X_FORWARDED_HOST');
 echo '<br>Fowarded By: ' . getenv('HTTP_X_FORWARDED_BY');
?>

 

If you put that somewhere on the server, probably root and run it like so:

 

https://ssl.shared.com/mydomain.com/myenv.php you'll be able to see how the server responds to these queries. You'll need to change this to fit your situation but you get the idea.

 

Some dedicated ssls respond with a 1 instead of on to No. 3 for example.

 

Shared servers may respond differently to 4 & 5 but 1&1 gives the same response to both.

 

Once you know how the server answers these queries you can figure out the best solution for line 41 in application_top.php.

 

If, for example, you have a dedicated ssl and query 3 returns a 1 then you simply change line 41 to:

 

$request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';

 

Frequently on shared servers you'll get no response at all to getenv('HTTPS'). This is where the other responses are useful (and most people have problems).

 

For example shared 1&1 returns ssl.perfora.net to queries 4 and 5. So setting line 41 line as below does the trick (I'm commenting out the original line for reference).

 

// $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

$request_type = (getenv('HTTP_X_FORWARDED_HOST') == 'ssl.perfora.net') ? 'SSL' : 'NONSSL';

 

Here's another case:

 

The standard ssl port for dedicated ssl is 443 (the standard http port is 80). I've seen dedicated ssl which returns no response for getenv('HTTPS') but does return a 443. In this case you can set line 41, testing for port 443, like so:

 

$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

 

The best way to use the script is to run it in both http and https environments and look at the differences in the responses. You want to pick a response which is unique to ssl (your https connection), it's no use to pick something which stays the same in both modes, you want to pick something to make a switch.

Share this post


Link to post
Share on other sites

×