Results 1 to 8 of 8
  1. #1
    Join Date
    Apr 2007
    Posts
    47
    Plugin Contributions
    0

    Default Advice needed on SSL

    Hi,

    Can experienced Zenners here advise on whether SSL should be got for the entire domain (www.example.com) or for the subdomain (secure.example.com)? In my case, I am going to install the store at the root of the domain, NOT at example.com/store.

    So, if my store is at www.example.com, can I put only the ordering and checkout at http://secure.example.com and get an SSL for that domain alone? The rest of the catalog, category and product info pages will not be under SSL. Is this okay?

    I was also wondering if I could use a self-generated SSL (cPanel) to secure the admin area as my client does not have a budget for a wildcard SSL that would allow them to secure any number of subdomains etc.

    Thanks in advance.

  2. #2
    Join Date
    Nov 2004
    Location
    Norfolk, United Kingdom
    Posts
    3,036
    Plugin Contributions
    2

    Default Re: Advice needed on SSL

    Zen Cart will only make 'https' those pages which need to be https. So save yourself a lot of bother and purchase a full ssl certificate for www.yourdomain.com. This will secure your Zen Cart 'admin' folder but not subdomains. So you won't need to use a 'self-generated' ssl cert for the Zen Cart admin panel area.

    Vger

  3. #3
    Join Date
    Oct 2006
    Location
    Alberta, Canada
    Posts
    4,571
    Plugin Contributions
    1

    Default Re: Advice needed on SSL

    Quote Originally Posted by meeven View Post
    Hi,

    Can experienced Zenners here advise on whether SSL should be got for the entire domain (www.example.com) or for the subdomain (secure.example.com)? In my case, I am going to install the store at the root of the domain, NOT at example.com/store.
    An SSL connection should not be used for every page of the Store. The choice of using (secure.example.com) is an excellent way to have one SSL Cert for many purposes. Not just ZenCart but also for other (separate) pages that you might want to be using an SSL connection for.


    So, if my store is at http://www.example.com, can I put only the ordering and checkout at http://secure.example.com and get an SSL for that domain alone? The rest of the catalog, category and product info pages will not be under SSL. Is this okay?
    Yes it is -but- could be a major pain to setup correctly. You would pretty much have to have two installs, one for each Domain name.

    Remember that Domain name used must be specific, for the SSL Cert.
    These are two separate and different Domain names:
    http://secure.example.com
    http://www.secure.example.com

    Best never to use 'www' in a Subdomain.


    I was also wondering if I could use a self-generated SSL (cPanel) to secure the admin area as my client does not have a budget for a wildcard SSL that would allow them to secure any number of subdomains etc.

    Thanks in advance.
    Don't see a problem as only your Client would be accessing the Admin area, so any SSL popup msgs. can be safely ignored by them. Might be best though, instead of using a self-generated SSL, to simply password protect the Admin directory. Although this means two logins for access, it gives much better protection than just using an SSL connection.
    Last edited by Website Rob; 24 Jul 2007 at 08:15 AM.

  4. #4
    Join Date
    Apr 2007
    Posts
    47
    Plugin Contributions
    0

    Default Re: Advice needed on SSL

    Many thanks for the tips, Vger and Website Rob.

    I have zencart installed at the root of the domain, so I assume that my configure.php files will look like this?

    includes/configure.php
    // Define the webserver and path parameters
    // HTTP_SERVER is your Main webserver: eg, http://www.yourdomain.com
    // HTTPS_SERVER is your Secure webserver: eg, https://www.yourdomain.com
    define('HTTP_SERVER', 'http://subdomain.example.com');
    define('HTTPS_SERVER', 'https://subdomain.example.com');

    // Use secure webserver for checkout procedure?
    define('ENABLE_SSL', 'true');

    // NOTE: be sure to leave the trailing '/' at the end of these lines if you make changes!
    // * DIR_WS_* = Webserver directories (virtual/URL)
    // these paths are relative to top of your webspace ... (ie: under the public_html or httpdocs folder)
    define('DIR_WS_CATALOG', '/');
    define('DIR_WS_HTTPS_CATALOG', '/');
    admin/includes/configure.php
    define('HTTP_SERVER', 'http://subdomain.example.com');
    define('HTTPS_SERVER', 'https://subdomain.example.com);
    define('HTTP_CATALOG_SERVER', 'http://subdomain.example.com');
    define('HTTPS_CATALOG_SERVER', 'https://subdomain.example.com');

    // Use secure webserver for catalog module and/or admin areas?
    define('ENABLE_SSL_CATALOG', 'true');
    define('ENABLE_SSL_ADMIN', 'true');

    // NOTE: be sure to leave the trailing '/' at the end of these lines if you make changes!
    // * DIR_WS_* = Webserver directories (virtual/URL)
    // these paths are relative to top of your webspace ... (ie: under the public_html or httpdocs folder)
    define('DIR_WS_ADMIN', '/admin/');
    define('DIR_WS_CATALOG', '/');
    define('DIR_WS_HTTPS_ADMIN', '/admin/');
    define('DIR_WS_HTTPS_CATALOG', '/');
    If these are correct, I will follow your advice and get the SSL for www.example.com.

  5. #5
    Join Date
    Apr 2007
    Posts
    47
    Plugin Contributions
    0

    Default Re: Advice needed on SSL

    Just realized that I would have one difficulty. The hosting account is on a shared IP and I ordered a dedicated IP thinking that I could use it for secure.example.com (isn't it true that a non-shared SSL cert requires a dedicated IP?)

    If I were to install on the shared IP, wouldn't the cert become a shared SSL cert? Shouid I then move the hosting account to the dedicated IP and then get the SSL? There is a lot of data on the test install and I wonder how I am going to move all this seamlessly to the new IP.

  6. #6
    Join Date
    Nov 2004
    Location
    Norfolk, United Kingdom
    Posts
    3,036
    Plugin Contributions
    2

    Default Re: Advice needed on SSL

    Full SSL Certificates can only be installed on websites, on a shared server, which have a dedicated ip address. It should not be necessary to move anything to convert your hosting from Name Based to IP Based.

    Vger

  7. #7
    Join Date
    Apr 2007
    Posts
    47
    Plugin Contributions
    0

    Default Re: Advice needed on SSL

    Thanks, Vger. I have been advised on the cPanel forums to define a hosting package in WHM with a dedicated IP, move the site to that hosting package and then use the change IP function to move it to the dedicated IP which I got for the SSL cert.

  8. #8
    Join Date
    Nov 2004
    Location
    Norfolk, United Kingdom
    Posts
    3,036
    Plugin Contributions
    2

    Default Re: Advice needed on SSL

    Just goes to prove that I'm no expert when it comes to cPanel. I use it when when we have customers who are not hosted with us. But mostly I use Ensim Pro X which is the control panel we use - and with that you just add the IP address and click to convert t from Name Based to IP Based.

    Vger

 

 

Similar Threads

  1. v154 Advice needed
    By dfontana in forum Addon Templates
    Replies: 2
    Last Post: 13 May 2015, 01:26 AM
  2. advice needed
    By firecaptain in forum General Questions
    Replies: 5
    Last Post: 11 Jan 2008, 06:26 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg