Good afternoon,
I was looking for documentation to make our entire webshop work through HTTPS connection, but I could only find outdated documentation that seems to be working up to version 3.0.x. We are running 4.2.x so this documention does not seem to be applicable in our case. Does anyone know how to apply this on 4.2.x?
Cheers. Jonathan
[quote name='j.munoz@topcats.eu' timestamp='1408604981' post='190153']
Good afternoon,
I was looking for documentation to make our entire webshop work through HTTPS connection, but I could only find outdated documentation that seems to be working up to version 3.0.x. We are running 4.2.x so this documention does not seem to be applicable in our case. Does anyone know how to apply this on 4.2.x?
Cheers. Jonathan
[/quote]
You just need buy ssl certificate for your domain and enable the following settings on the admin panel > settings > general page:[list]
[]Enable secure connection at checkout
[]Enable secure connection in the administration panel
[*]Enable secure connection for authentication, profile and orders pages
[/list]
[quote name='Cart-Power' timestamp='1408648358' post='190224']
You just need buy ssl certificate for your domain and enable the following settings on the admin panel > settings > general page:[list]
[]Enable secure connection at checkout
[]Enable secure connection in the administration panel
[*]Enable secure connection for authentication, profile and orders pages
[/list]
[/quote]
In this case the [color=#282828][font=arial, verdana, tahoma, sans-serif]entire store will not work through HTTPS connection. Isn't it?[/font][/color]
I would think one would have to modify the .htaccess file to redirect the entire store to https. Making the settings above only affects checkout, admin, profile, and orders pages.
Try add this to end of .htaccess
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://your_domain_name.com/$1 [R=301,L]
Used to be an option to have everything https and a separate option of “once https, stay https”. Seems those have gone away. But the rewrite will force all access to https.
Note that https uses about 2X the bandwidth of non-https and it doesn't compress nearly as well as non-https. So be sure you need to force your whole site to https. I would advise it only for sensitive areas such as admin, profiles and checkout.
[quote name=‘tbirnseth’ timestamp=‘1408658180’ post=‘190240’]
Used to be an option to have everything https and a separate option of “once https, stay https”. Seems those have gone away. But the rewrite will force all access to https.
[/quote]
It is still one the place: