Topics:
DVR
nvrec
Mplayer
Links
Misc
Commands
Humor
New user
uploaded files
|
(links)-> (Parent)->force ssl connection (mosso/rackspace) |
submited by Russell Thu 08 Apr 10 Edited Fri 10 Sep 10 |
we just got our ssl cert installed at mosso (AKA rackspace cloud) and I want to force the shopping cart (oscommerce) transactions to all take place in ssl.
well because the mosso servers are virtual, the standard .htaccess mod-rewrite doesn't work:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
Because the variable HTTPS is off all the time , even when the connection is secure. This is also the case for %{SERVER_PORT} witch is always 80, even if it's a port 443 connection. The trick is to use %{ENV:HTTPS} witch accesses the variable at another level. I've been playing with multiple settings, but this seems to be what I have settled on:
RewriteEngine On
RewriteCond %{ENV:HTTPS} !on [NC]
RewriteCond %{REQUEST_URI} folder
RewriteRule ^(.*)$ https://domain/folder/$1 [R,L]
This goes in the .htaccess file for the folder I want to protect. I think it could also be on the root.
But there is a catch, for Oscommerce, I had to edit the config file is a slightly counter-intuitive way.
Ofcourse you put in define('ENABLE_SSL_CATALOG', 'true'); but I also had to change http:// to https:// for all the http values:
define('HTTP_SERVER', 'https://domain');
define('HTTP_CATALOG_SERVER', 'https://domain');
define('HTTPS_CATALOG_SERVER','https://domain');
If I didn't do this, multiple places oscommerce would put up urls that didn't contain the https, including the admin login page, which cause it to fail on login. (very annoying)
|
Add comment or question...:
|