PDA

View Full Version : secure site

boblob
5-13-04, 02:09 PM
I am using osCommerce on my site and want to make it secure.I have a
.htaccess doc that redirects from the index.html in the htdocs folder to the
osCommerce/catalog/index.php file . i put the secure addy in where my storename.com was and it doesnt seem like any thing is different no adlock when i go to site can anyone tell me or show me docs on this? thanks in advance all hel is welcome
tbonekkt
5-13-04, 03:16 PM
If you're referring to SSL, you can access your website using the format: https://yourdomaincom.secure.powweb.com

So if your domain was powwebisthebest.net, your SSL URL would be:
https://powwebisthebestnet.secure.powweb.com
stevel
5-13-04, 03:17 PM
First, I would suggest reinstalling osCommerce at the top level of your site rather than redirecting. But that's a separate issue.

To make the appropriate pages secure, define the HTTPS_SERVER line in catalog/includes/configure.php to be "https://yourdomaincom.secure.powweb.com" and set USE_SSL to "true". This will tell PowWeb to use SSL for the pages where security is needed (login, order processing, etc.)
boblob
5-13-04, 03:59 PM
ok i ftped the catalog/includes/config.php file to my compp made the define yourdomain.secure change and ft wont send the doc back just gives me the oh oh sound. allso u say set USE_SSL to true do i do that in the same doc? what i need to add that do i ?
thank you for your hel on this as im stumbling along best i can thanks again
stevel
5-13-04, 05:53 PM
I am sorry, but I can't understand your question. Would you please rephrase it, perhaps in complete sentences (and words) this time? Be explicit about what changes you made to configure.php. As my computer doesn't make "oh oh" sounds, you will need to explain that further as well.

I'd like to help, if only I could understand what you wrote.
bradw
5-17-04, 08:02 PM
... and ft wont send the doc back just gives me the oh oh sound. ...

I believe boblob is trying to FTP the file back to the server, but the FTP client is failing. WS_FTP_LE has an oh-oh sound by default for an error... usually caused by an FTP client timeout. Just a guess.
stevel
5-17-04, 09:36 PM
Ok, I get it. Thanks for the translation. I hadn't realized that they didn't speak English in Nebraska... ;)

When you first upload configure.php (not config.php), you get warnings about "I can write to...". The advice given (here and elsewhere) is to do a "chmod 444" on the file. That has the side effect of disallowing FTP PUTs of the file while it exists, since you have no permission to write to it.

The solution is to delete the old one first, then you can PUT the new one.