I discovered that my login page for some unknown reason is not secured even after SSL was installed. I have tried the following code which Linda suggested here
Code:
<?php
$request_type = ((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == '1') || (isset($_SERVER['HTTP_X_FORWARDED_BY']) && strstr(strtoupper($_SERVER['HTTP_X_FORWARDED_BY']),'SSL')) || (isset($_SERVER['HTTP_X_FORWARDED_HOST']) && strstr(strtoupper($_SERVER['HTTP_X_FORWARDED_HOST']),'SSL')) || (isset($_SERVER['SCRIPT_URI']) && strtolower(substr($_SERVER['SCRIPT_URI'], 0, 6)) == 'https:') || (isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443' ) ) ? 'SSL' : 'NONSSL';
echo 'I SEE ' . $request_type;
?>
The result was as expected. That is, "I SEE NOSSL" at non-secure page and "I SEE SSL" at secure page.
Setting in include/configure.php files:
define('HTTP_SERVER', 'http://www.mysite.com');
define('HTTPS_SERVER', 'https://www.mysite.com');
// Use secure webserver for checkout procedure?
define('ENABLE_SSL', 'true');
Setting in include/configure.php files:
define('HTTP_SERVER', 'https://www.mysite.com');
define('HTTPS_SERVER', 'https://www.mysite.com');
define('HTTP_CATALOG_SERVER', 'http://www.mysite.com');
define('HTTPS_CATALOG_SERVER', 'https://www.mysite.com');
// Use secure webserver for catalog module and/or admin areas?
define('ENABLE_SSL_CATALOG', 'true');
define('ENABLE_SSL_ADMIN', 'true');
Access to the admin page has not problem, I get redirected to the secure admin page even when I key in http://www.mysite.com/admin (rather then https://). Can anyone shed some light on this peculiarity? Thank you very much.
Bookmarks