thepoppershop Posted August 19, 2010 Share Posted August 19, 2010 is there an easy way to force all pages in the backoffice over SSL? (besides hitting the link directly?) not sure if this is a feature or if I should just have the webserver require the content to be required via SSL Link to comment Share on other sites More sharing options...
rocky Posted August 20, 2010 Share Posted August 20, 2010 Change line 118 of init.php from: $protocol_link = (Configuration::get('PS_SSL_ENABLED') OR (isset($_SERVER['HTTPS']) AND strtolower($_SERVER['HTTPS']) == 'on')) ? $protocol_ssl : $protocol; to: $protocol_link = /*(Configuration::get('PS_SSL_ENABLED') OR (isset($_SERVER['HTTPS']) AND strtolower($_SERVER['HTTPS']) == 'on')) ? */$protocol_ssl/* : $protocol*/; Link to comment Share on other sites More sharing options...
RapidFire Posted December 19, 2010 Share Posted December 19, 2010 Change line 118 of init.php from: $protocol_link = (Configuration::get('PS_SSL_ENABLED') OR (isset($_SERVER['HTTPS']) AND strtolower($_SERVER['HTTPS']) == 'on')) ? $protocol_ssl : $protocol; to: $protocol_link = /*(Configuration::get('PS_SSL_ENABLED') OR (isset($_SERVER['HTTPS']) AND strtolower($_SERVER['HTTPS']) == 'on')) ? */$protocol_ssl/* : $protocol*/; This didn't seem to do anything for me. The Back Office login is still going over HTTP and not HTTPS. Do we need to change something in init.php within the admin folder as well?I've added$useSSL = true; to the top of login.php and that seems to have secure the BO login, although I'm not sure if this is the correct way to go about it or not. Any thoughts, rocky? Link to comment Share on other sites More sharing options...
rocky Posted December 19, 2010 Share Posted December 19, 2010 Did you change line 47 of admin/init.php? The file init.php affects the Front Office and admin/init.php affects the Back Office. Link to comment Share on other sites More sharing options...
RapidFire Posted December 20, 2010 Share Posted December 20, 2010 Did you change line 47 of admin/init.php? The file init.php affects the Front Office and admin/init.php affects the Back Office. Yes. I copied that line of code to line 118 of init.php and line 47 of admin/init.php, yet the BO logon is still insecure. Link to comment Share on other sites More sharing options...
Dave Angel Posted May 31, 2011 Share Posted May 31, 2011 Did you ever resolve this issue of the BO being Unsecure?If you did could you let me know how you did it please? Link to comment Share on other sites More sharing options...
RapidFire Posted May 31, 2011 Share Posted May 31, 2011 No, I have not. :/ Link to comment Share on other sites More sharing options...
vapingmike Posted March 27, 2013 Share Posted March 27, 2013 For those like me looking for a solution with PS 1.5 In : /var/www/controllers/admin/AdminLoginController.php there is : // You can uncomment these lines if you want to force https even from localhost and automatically redirect // header('HTTP/1.1 301 Moved Permanently'); // header('Location: '.Tools::getShopDomainSsl(true).$_SERVER['REQUEST_URI']); // exit(); that you simply have to uncomment to : // You can uncomment these lines if you want to force https even from localhost and automatically redirect header('HTTP/1.1 301 Moved Permanently'); header('Location: '.Tools::getShopDomainSsl(true).$_SERVER['REQUEST_URI']); exit(); and the backoffice login will be forced in ssl mode It won't force all the backoffice.. But at least you shall be in https as long as you don't remove the s manually Mike 1 Link to comment Share on other sites More sharing options...
markoroots Posted July 5, 2017 Share Posted July 5, 2017 Many thanks Mike, really great. Too me I use vaporizers, so I hope too meet you on some vaporizer forum. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now