Force SSL on login page
Permalink
I have installed an SSL cert on my Concrete5 site. I had setup my base url to default to https. However I would like to setup my login page to default to SSL and possile one other page.
I have tried the Force SSL addon. But I could not get it installed correctly on my site. I imagine this is due to running Concrete5 site on an IIS server.
I have searched the forums as well.
Could anyone tell me what I would need to add to my webconfig, or htaccess file to force my login page to default to https.
Thanks,
I have tried the Force SSL addon. But I could not get it installed correctly on my site. I imagine this is due to running Concrete5 site on an IIS server.
I have searched the forums as well.
Could anyone tell me what I would need to add to my webconfig, or htaccess file to force my login page to default to https.
Thanks,
Hello,
After reading the forums I have tried adding the following into my site.php:
if(strpos($_SERVER['PATH_INFO'], '/login') === 0) {
define('BASE_URL', 'https://' . $_SERVER['HTTP_HOST']);
} else {
define('BASE_URL', 'http://' . $_SERVER['HTTP_HOST']);
}
I do have a http base url define in my site.php.
I don't have anything currently in my htaccess file.
If anyone could go into further details on what I may be doing wrong it would be greatly appreciated.
Thanks,
After reading the forums I have tried adding the following into my site.php:
if(strpos($_SERVER['PATH_INFO'], '/login') === 0) {
define('BASE_URL', 'https://' . $_SERVER['HTTP_HOST']);
} else {
define('BASE_URL', 'http://' . $_SERVER['HTTP_HOST']);
}
I do have a http base url define in my site.php.
I don't have anything currently in my htaccess file.
If anyone could go into further details on what I may be doing wrong it would be greatly appreciated.
Thanks,
If anyone could assist with getting this setup it would be great. I could then toss it into a how to. I just not sure where to go with the above listed string.
I have been actively trying to figure this one out in the forums. I just don't have any php experience yet to do this one on my own.
I am trying to force my login page to https and all other pages to http. I have purchased an SSL cert and it is installed.
I found the following advice in another forum:
http://www.concrete5.org/community/forums/customizing_c5/ssl-on-spe...
Could someone explain what this line does:
<?php define('REDIRECT_TO_BASE_URL', true); ?>
If my BASE URL is was set to https, I am trying to understand how this would revert that rest of my site to http.
Rather than just throw it in my config.php I would like to understand it a bit better.
Thanks,
I am trying to force my login page to https and all other pages to http. I have purchased an SSL cert and it is installed.
I found the following advice in another forum:
http://www.concrete5.org/community/forums/customizing_c5/ssl-on-spe...
<?php define('DB_SERVER', 'localhost'); define('DB_USERNAME', 'db_username'); define('DB_PASSWORD', 'db_password'); define('DB_DATABASE', 'db_database'); define('BASE_URL', 'https://domainname.com'); define('DIR_REL', ''); define('PASSWORD_SALT', 'J7zxKgpStqX6lYTc1RaB8MkWe4unfUrmZjE9IhynG2osVvfLA'); define('PERMISSIONS_MODEL', 'advanced'); ?><?php define('REDIRECT_TO_BASE_URL', true); ?>
Could someone explain what this line does:
<?php define('REDIRECT_TO_BASE_URL', true); ?>
If my BASE URL is was set to https, I am trying to understand how this would revert that rest of my site to http.
Rather than just throw it in my config.php I would like to understand it a bit better.
Thanks,
Their is alot of good information on the forums for forcing SSL on the login page only. After doing quite a lot of reading, I am still unable to get this working.
I have tried the various snippets of code found in the forums, but I have not been successful.
I imagine their is something basic I am missing.
For example: "Is my base url set to http or https when setting this up?
I know that the Concrete5 experts in these forums asks that one puts alot of research into thier questions. I can assure you I have done that.
Any help would be greatly appreciated!
I have tried the various snippets of code found in the forums, but I have not been successful.
I imagine their is something basic I am missing.
For example: "Is my base url set to http or https when setting this up?
I know that the Concrete5 experts in these forums asks that one puts alot of research into thier questions. I can assure you I have done that.
Any help would be greatly appreciated!
Hey SteadyIT,
Just ran across your post and wanted to see if you ever got it sorted out.
I find the "Force SSL" add-on particularly useful and simplifies the whole process.
Note that I did start having an issue where it forced me to login twice. Very annoying.
Turned out it was b/c my domain name. As the site progressed through development stages, the domain name changed a few time. Last time it changed, I forgot to go to Dashboard/SystemSettings/Environment/Force SSL and change the domain there. That solved everything.
Just ran across your post and wanted to see if you ever got it sorted out.
I find the "Force SSL" add-on particularly useful and simplifies the whole process.
Note that I did start having an issue where it forced me to login twice. Very annoying.
Turned out it was b/c my domain name. As the site progressed through development stages, the domain name changed a few time. Last time it changed, I forgot to go to Dashboard/SystemSettings/Environment/Force SSL and change the domain there. That solved everything.
search in the forum for "https login"
There are a lot of results.
http://www.concrete5.org/community/forums/-/view/?sort=relevance&am...
good luck.
Frank