osCommerce and osCMax shopping cart software forums

Shopping Cart Software

osCommerce with teeth!

 

Secure site help

This is a discussion on Secure site help within the osCMax v1.7 Discussion forums, part of the osCMax v1.7 Forums category; At the risk of being chastised - I ask the following question. I have read every string with ssl or ...



Find us on Facebook
Go Back   osCommerce and osCMax shopping cart software forums > osCMax v1.7 Forums > osCMax v1.7 Discussion

Connect with Facebook Register FAQDonate Members List Calendar Mark Forums Read


Closed Thread

 

LinkBack Thread Tools
  #1  
Old 04-28-2004, 08:14 AM
CMWM's Avatar
Member
 
Join Date: Mar 2004
Posts: 40
Thanks: 2
Thanked 0 Times in 0 Posts
Rep Power: 0
CMWM
Default Secure site help

At the risk of being chastised - I ask the following question. I have read every string with ssl or https in it and have not had the answer yet. I have adjusted tweaked broken my cart fixed it from backup at least a hundred times looking for this.

I have secured my cart and set things up. They work well except that, many of the links take a person back to the http: instead of https: This happens in the cart contents, what's new, new products, information, and bestsellers. When sent for checkout or make an account it is secured. How do I change it so that it is all secure?

Thanks,
John
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
  #2  
Old 04-28-2004, 09:03 AM
jpf's Avatar
jpf jpf is offline
Moderator

 
Join Date: Sep 2003
Location: Manitoba, Canada
Posts: 2,681
Thanks: 12
Thanked 214 Times in 196 Posts
Rep Power: 20
jpf has much to be proud ofjpf has much to be proud ofjpf has much to be proud ofjpf has much to be proud ofjpf has much to be proud ofjpf has much to be proud ofjpf has much to be proud ofjpf has much to be proud ofjpf has much to be proud of
Default

OSC as a default only stays in secure mode when required - ie: accepting payment, check out process, entering/changing account info/password etc...

This is normal behavoir..... As HTTPS does cause a bit of work on the server side to encript the data. You could put your http server to be "https://yoursite.com" which would keep them in secure mode for the whole visit. However this is not really needed and put extra load on the server to encript a data stream that does not have to be.

But the choice is yours....

change in configure.php so both http and https matches:

define('HTTP_SERVER', 'https://yourscecurewebsite.com')
define('HTTPS_SERVER', 'https://yourscecurewebsite.com')

You can also change this seaming how you would allways be in secure mode:
define('ENABLE_SSL', false); // secure webserver for checkout procedure?

You can also set .htaccess to force http lookup to https lookup (but that is a whole other story).
__________________
JPF - osCMax Fourm Moderator - To contact, post on the forum or click here
Try out our osCMax at: Live Catalog Demo
Limited access Admin: Live Admin Demo
Feel free to add products they way you want and then purchase them -=+=- Sorry nothing will be billed or shipped!
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
  #3  
Old 04-30-2004, 03:59 AM
CMWM's Avatar
Member
 
Join Date: Mar 2004
Posts: 40
Thanks: 2
Thanked 0 Times in 0 Posts
Rep Power: 0
CMWM
Default

Thank you very much that answers what I needed. I will take your comments before I switch to fully protect the site.

Again, Thanks
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
  #4  
Old 04-30-2004, 01:47 PM
michael_s's Avatar
osCMax Developer


 
Join Date: Jul 2002
Location: Phoenix, AZ
Posts: 15,722
Thanks: 139
Thanked 607 Times in 519 Posts
Rep Power: 10
michael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond repute
Default

John,

Putting your site entirely in HTTPS is really incorrect usage of SSL and should be avoided. It slows down the server, connections, and on busy sites can really increase server load.

There is no need to use ssl anywhere on the catalog, other than the user login and checkout. I advise you to keep it only to where it is needed.
__________________
Michael Sasek
osCMax Developer

*** Do not PM me requesting paid help. The only paid work I do is for AABox Web Hosting customers ***

Stay Up To Date with everything osCMax:
Free osCMax Newsletters - Security notices, New Releases, osCMax News
osCMax on Twitter - Up to the minute info as it happens. Know it first.

osCMax User Manual - osCMax Templates - Advanced Template Tutorial

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Closed Thread

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads

Thread Thread Starter Forum Replies Last Post
How to Secure a Oscommerce Site? Evette0220 osCMax v2 Installation issues 1 10-31-2006 08:02 AM
Affiliate link secure non-secure kwiznoz osCMax v2 Installation issues 6 08-28-2005 01:08 PM
secure and none secure items ? pete76uk osCommerce 2.2 Installation Help 3 10-12-2004 01:51 PM
What folders to secure? PrettyWolfie osCommerce 2.2 Modification Help 4 08-01-2004 02:51 AM


All times are GMT -8. The time now is 06:00 PM.


Powered by vBulletin®
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
SEO by vBSEO
Copyright 2009 osCMax
Inactive Reminders By Icora Web Design