Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

How to force ssl???


Jayman007

Recommended Posts

I am using ms2 and 28 Mar 2004 - Authorize.net Consolidated v.1.7 for AIM. Everything is setup and working fine. Both test and realtime charges go through correctly.

 

The only problem is that I want checkout_confirmation.php and checkout_payment.php to be ssl only. when I added the code

// Use this on any PHP document to redirect to same document through SSL

// The following code goes after the <?php declaration

// Begin Forced SSL

// Language: php

//

if ($_SERVER['SERVER_PORT'] != 443)

{

header("Location: https://$SERVER_NAME$REQUEST_URI");

exit;

}

// End Forced SSL

 

to those files I got a script error in my browser and no ssl session. Please help.

Edited by Jayman007
Link to comment
Share on other sites

  • 3 weeks later...

do you have an SSL certificate on your site? if so and you have SSL enabled in your configure.php file, your site will change automatically to be executed via SSL.

 

checkout_confirmation.php also will go through SSL.

 

It sounds like to me, you are trying to bypass having SSL on your site. If that is what you are trying to do, I do not recommend it. If you do accomplish this and someone who is purchasing from your site finds out, could cause troubles, etc, as they are transmitting payment and personal information over a non-secure site.

 

when someone logs in, it switches automatically to ssl, as well as when they modify their account.

 

the osCommerce development team has done a great job in making sure SSL is setup properly, with all you having to do is provide the SSL certificate and make very MINOR changes via the configure.php files ONLY.

Link to comment
Share on other sites

We have a dedicated Server with a single ssl certificate but we wish to host more than one site, the SSL certificate must be used for all of them. Is it possible to this and if so how?

 

Thanks!!

Link to comment
Share on other sites

Mark, you can do that, however that is not a portion here, that is for another forum/help board, for administering your web server. who you got your certificate from they can probably point you in the proper direction to do this.

 

do you host your own dedicated server or is it at some host?

Link to comment
Share on other sites

  • 3 months later...

ssl certificates are per site i believe

we have two on the same server

 

the code i added to oscommerce to make every page secure added as an include on every page (i think this works!)

 

 

<?

// MAKING SECURE PAGE LOAD

 

$secure_url = sprintf("%s%s%s","https://",$HTTP_HOST,$REQUEST_URI);

if(isset($_SERVER["HTTPS"])){

// do nothing

} else {

Header("Location: $secure_url");

}

// MADE SECURE PAGE LOAD

?>

 

i would not advise you to use the method you are using as SSL could be running on a different PORT i think if someone modified their settings

always here to offer some useless advice....

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...