tim_ver Posted June 3, 2014 Share Posted June 3, 2014 I just installed the SSL certificate on my domain, and wanted to know what files I need to update/change/modify now. I am using Oscommerce version 2.3.3.3. Link to comment Share on other sites More sharing options...
Jack_mcs Posted June 3, 2014 Share Posted June 3, 2014 You need to modify both the includes/configure.php and admin/includes/configure.php files. You should also look at this thread. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
tim_ver Posted June 3, 2014 Author Share Posted June 3, 2014 Ok, thanks. I looked at the thread and I have done some of these already. Have few questions though. 1.) Move the .htpasswd file: So I move the .htpasswd_oscommerce file from the default location Catalog/Admin/ to Catalog/ ? 2.) Move the complete admin - Do you have a step by step on how to do this please? 3.) Install one of the trap programs - Are these in the addon's area? I checked and could not find any of them for my version (searching for version 2.3). Link to comment Share on other sites More sharing options...
Jack_mcs Posted June 3, 2014 Share Posted June 3, 2014 The htpasswd file should be above the web directory. If you are using 2.3, I'm not sure you can do that without editing the code, though I've not looked at it. But if you are using the .htaccess method with 2.3, you should be using the servers option of password protection so that you can change the username and password. And, in that case, you can place that file where you like. The admin is just a directory that you access through the domain name. If your shop is already in the root of the shop, then you can't move the admin, unless you have another server, which would be overkill, I think. But if your shop is in a sub-directory already, like ...com/shop, your admin would be something like ...com/shop/admin. In that case, it could be moved so that it is at ...com/admin. I haven't checked on all of the addons but they are there. View Counter is here (it's mine so I know its location). You can search for the others but they are there. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
tim_ver Posted June 3, 2014 Author Share Posted June 3, 2014 Ok, I updated both configure.php files for the first few lines of code as seen below. Catalog: <?php define('HTTP_SERVER', 'http://www.domain.com'); define('HTTPS_SERVER', 'https://www.domain.com'); define('ENABLE_SSL', true); Admin: <?php define('HTTP_SERVER', 'http://www.domain.com'); define('HTTP_CATALOG_SERVER', 'http://www.domain.com'); define('HTTPS_CATALOG_SERVER', 'https://www.domain.com'); define('ENABLE_SSL_CATALOG', 'true'); But I get a triangle next to the domain address now (not the padlock symbol) with an explenation point in it - when I click it it says the following: This website does not supply identity information The connection to this website is not fully secure because it contains unencrypted elements (such as images) What am I missing here, how do I fix this issue and get the padlock displayed (full encryption) instead of the triagle with the explenation point? Link to comment Share on other sites More sharing options...
Jack_mcs Posted June 3, 2014 Share Posted June 3, 2014 For the shop side, it might be that you are trying to view a page that isn't meant to be secure. Try clicking on the my account or login link on the site. It should switch to ssl mode with no errors. It could also mean that you have non-secure links on a secure page. For the admin, read this post. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
tim_ver Posted June 3, 2014 Author Share Posted June 3, 2014 I went to the acount page and it still shows the triangle with the exclamation point on it. I have attached a screen shot also - How do I fix this issue? Link to comment Share on other sites More sharing options...
MrPhil Posted June 3, 2014 Share Posted June 3, 2014 It appears to be saying two things: It doesn't like something about your SSL certificate. This is independent of osC. You'll have to consult with whoever sold you (or installed) the certificate. You have some http: items (images, javascript, css, etc.) embedded on your page. Are you trying to apply SSL https: to pages that are not normally SSL? Link to comment Share on other sites More sharing options...
burt Posted June 3, 2014 Share Posted June 3, 2014 That error means that you have insecure content on a secure page. You need to find the insecure content and make it secure. Instead of letting guys like @@Jack_mcs and @@MrPhil use their cystal ball to try to guess your sites problems and then try to guess a solution, why not just post a link to a problematic page at your site. If you don't want to write your URL in this forum, tinyurl it. Help us to help you. Link to comment Share on other sites More sharing options...
tim_ver Posted June 3, 2014 Author Share Posted June 3, 2014 Ok, here is a link to the login page. - http://tinyurl.com/l4luoyd After you create an account and login you will see the issue I have with the ssl and the triangle at the top next to the address. Link to comment Share on other sites More sharing options...
Bob Terveuren Posted June 3, 2014 Share Posted June 3, 2014 Hi - run an https page through www.whynopadlock.com and you'll get the results - on the page I'm looking at it's saying just one insecure item: Insecure URL: /images/STORE2.png Somewhere in your site template there's a link to that image - try changing it to use the tep_href_link with SSL option or simply to relative link Link to comment Share on other sites More sharing options...
tim_ver Posted June 3, 2014 Author Share Posted June 3, 2014 ok, I though by default in the config file image folder was ssl protected? Can you provide more info on how to do this fix? Link to comment Share on other sites More sharing options...
tim_ver Posted June 3, 2014 Author Share Posted June 3, 2014 I fixed it. Thanks Link to comment Share on other sites More sharing options...
MrPhil Posted June 4, 2014 Share Posted June 4, 2014 Folders (directories) are not SSL "protected". You can add .htaccess protection and various other things to keep people out of folders. SSL only encrypts traffic between the browser and the server, so that someone tapping the line in-between and listening in won't easily be able to view the plain text. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.