Making Store Links HttpS ?

Hi folks,
I have an Secure Server with an SSL cert and the site works as both http and https, and pages will show up under either using a symbolic link. I was wondering if there is a way to make sure all the add to cart buttons, checkout and confirm pages are linked absolutely or relatively to the httpS version of the URL.

I could make the catalog order page linked from the navigation menu an absolute link from the main pages, but don't know if that would force a carry over one the Add to Cart button is clicked...
Thanks
Jeff

The best way to do this is via a script at the top of the pages you want to ensure are only served up from the https. Here is some code that you can add to the top of these checkout pages that will do this for you:

<?php if((!(isset($_SERVER['HTTPS']))) || ($_SERVER['HTTPS'] == "") || ($_SERVER['HTTPS'] == "off"))header("Location: https://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']); ?>

This will take them to the same page but with https. Do you know if your secure certificate works with your domain by itself as well as with the domain and www. in front of it? If the certificate only works for www. then you may want to hard code that in the script along with your domain like this:

<?php if((!(isset($_SERVER['HTTPS']))) || ($_SERVER['HTTPS'] == "") || ($_SERVER['HTTPS'] == "off"))header("Location: https://www.<your domain here>" . $_SERVER['PHP_SELF']); ?>

Originally Said By: Eric Mittman

  This will take them to the same page but with https. Do you know if your secure certificate works with your domain by itself as well as with the domain and www. in front of it? If the certificate only works for www. then you may want to hard code that in the script along with your domain like this:

php:

<?php if((!(isset($_SERVER['HTTPS']))) || ($_SERVER['HTTPS'] == "") || ($_SERVER['HTTPS'] == "off"))header("Location: https://www.<your domain here>" . $_SERVER['PHP_SELF']); ?>

  

The cert is for both www and without. Thanks for the help.

Ok, you should be fine with the first code example if it works for both. Let me know if you have any trouble with it.

Originally Said By: Eric Mittman

  The best way to do this is via a script at the top of the pages you want to ensure are only served up from the https. Here is some code that you can add to the top of these checkout pages that will do this for you:

php:

<?php if((!(isset($_SERVER['HTTPS']))) || ($_SERVER['HTTPS'] == "") || ($_SERVER['HTTPS'] == "off"))header("Location: https://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']); ?>

This will take them to the same page but with https. Do you know if your secure certificate works with your domain by itself as well as with the domain and www. in front of it? If the certificate only works for www. then you may want to hard code that in the script along with your domain like this:

php:

<?php if((!(isset($_SERVER['HTTPS']))) || ($_SERVER['HTTPS'] == "") || ($_SERVER['HTTPS'] == "off"))header("Location: https://www.<your domain here>" . $_SERVER['PHP_SELF']); ?>

  

Hi Eric, I tried both methods (with and without the hardcoded url) and it the page still goes to http. I'm wondering if my problem now is the way that our ssl was initially installed. When we first had the ssl cert installed, comodo set it up so the entire site was behind the https. This dropped us like a rock in SEO rankings, so I asked them to remove the redirect for the site, and I planned on just setting it up so that the checkout and confirm pages went through https (using your line of code). I placed the code on line one of the checkout page, uploaded it, and the page continues to come up under http.

Is it the way Comodo removed the redirect? When they did it, the tech said "I have commented out a rewrite rule in the htaccess for that site. To reactivate the https remove the # on the front of the lines 6 7 and 8"

Is it possible the htaccess is over riding the line of code on the checkout page?

I have now tried to use the suggested code on the checkout page, and it just goes to the http and the page won't go to https. Then I read through the forums and saw Jason's suggestion for changing the button behavior so that it redirects it to the uttps url, and got the same results--it still just goes to http. I'm totally stumped. Any suggestions would be appreciated. I may need to start a support ticket so that I can submit the .htaccess page and the php pages.


Thanks,
Michelle

yes, your htaccess file could be overriding the code.

to test this, you can delete the htaccess file from the server (make a back up first)


In you case where you only want some pages going to https, you should only need to change the checkout behavior on the cart page and give it the full https address.

if this is not working, I would suspect the htacess rule as the culprit. or you have multiple instances of the checkout server behavior on the cart page.