... and now you understand why the admin doesn't switch from HTTP to HTTPS automatically like the catalog.
You can run the whole Admin as SSL by changing your configure files. Change the HTTP paths to the HTTPS address.
... and now you understand why the admin doesn't switch from HTTP to HTTPS automatically like the catalog.
You can run the whole Admin as SSL by changing your configure files. Change the HTTP paths to the HTTPS address.
Please do not PM for support issues: a private solution doesn't benefit the community.
Be careful with unsolicited advice via email or PM - Make sure the person you are talking to is a reliable source.
I had changed the 2 defines to both point to HTTPS:
define('HTTP_SERVER', 'https://www.myserver.com');
define('HTTPS_SERVER', 'https://www.myserver.com');
Everything worked fine except for displaying the flag from the language directory. Every time I went to modify a catalog item, the dreaded "mixed secure and non-secure" message came up.
I finally changed the following text from HTTP_CATALOG_SERVER to HTTPS_CATALOG_SERVER and it seems to be working now.
define('DIR_WS_CATALOG_LANGUAGES', HTTPS_CATALOG_SERVER . DIR_WS_CATALOG . 'includes/languages/');
So if anyone needs to secure the Admin side of things (so USPS and Authorize.Net passwords are not sent in the clear when you modify their configs) just go to the Admin config file and change all 3 of the above defines to reflect HTTPS.
Aloha from Hawaii! (its a dirty job, but SOMEBODY has to live here...)