I'm using Opencart 1.5.6, with Cloudflare pro service. The issue I have is when I have Opencart SSL enabled.
I have changed the config.php and admin/config.php to look at HTTPS.
When I browse to a HTTPS url on the website, the main HTML comes through as HTTPS, but most other resources are still HTTP, which causes insecure content issues.
I belive this is because Cloudflare doesn't make the HTTPS environment variable available for Opencart.
I believe the code contained in these 3 files:
/admin/controller/common/header.php
/admin/controller/common/filemanager.php
/catalog/controller/common/header.php
is the issue:
if (isset($this->request->server['HTTPS']) && (($this->request->server['HTTPS'] == 'on') || ($this->request->server['HTTPS'] == '1'))) {
$this->data['base'] = HTTPS_SERVER;
} else {
$this->data['base'] = HTTP_SERVER;
}
Question is, does anyone have any idea how I can change this to work correctly with Cloudflare?
Turns out I didn't need to do this, I have just added this to my .htaccess:
RewriteCond %{HTTP:X-Forwarded-Proto} https
RewriteRule .* - [E=HTTPS:on]
SetEnvIf X-Forwarded-Proto https HTTPS=on
Cloudflare support recommended I add this snippet to the apache config so that it is not necessary to read the .htaccess each time creating overhead.
Havn't tested it in httpd.conf yet though.
Related
I need to redirect my url to https when someone write my url on browser. The problem is when I write my website name on browser with https its working fine showing secure lock. But when I am trying to type myurl.com on browser it will redirecting to http not https. I need to type https before my website url on browser to redirect it on secure lock. How can I redirect it into https automatically when someone write my website url. I have done everything change countless time my htacess file but nothing fix this issue.
Thank You
If you want to add http -> https in your CodeIgniter without configuring .htaccess, you can add following in application/config/config.php before $config['base_url']:
if($_SERVER['REQUEST_SCHEME'] == 'http') {
$web_path = $_SERVER['HTTP_HOST'] . str_replace(basename($_SERVER['SCRIPT_NAME']),"",$_SERVER['SCRIPT_NAME']);
header('Location: https://'.$web_path);
die;
}
This is not a good way to go but can help you until you identify why webserver isn't reading your .htaccess file. What above code does is, it checks if request came for http, if yes, it creates variable $web_path with incoming source path and redirect same with https scheme.
Best way to do this is from .htaccess.
Try this -
RewriteEngine On
RewriteCond %{HTTP_HOST} ^myurl\.com$
RewriteRule (.*) https://www.myurl.com/$1 [R=301,L]
This will work as you expected.
This will pass all the possible combinations and redirect to https://www.myurl.com -
Url without https - (http://www.myurl.com)
Url without www - (https://myurl.com)
Url without https and www - (myurl.com)
Please try this. Hope this will work. Thanks.
I want to redirect example.com and example.com/anything to example.com/blog. Please note few things.
I refer example.com for a 1 domain.
I use apache as web server.
My document root is set to /var/www/html/public within apache vhost conf file (For a laravel APP).
I tried setting redirects in .htaccess and using apache vhost conf file and I get redirect too many times error.
Can someone help me to accomplish this please?
This probably is what you are looking for: rewriting on the level of the http server:
RewriteEngine on
RewriteRule ^/?$ /blog [R=301]
RewriteRule ^/?anything/?$ /blog [R=301]
If by "anything" you actually mean anything so that a redirection should get applied regardless of the requested path, then this should do:
RewriteEngine on
RewriteCond %{REQUEST_URI} !/blog
RewriteRule ^ /blog [R=301]
It is a good idea to start out with a 302 temporary redirection and only change that to a 301 permanent redirection later, once you are certain everything is correctly set up. That prevents caching issues while trying things out...
This implementation will work likewise in the http servers host configuration or inside a distributed configuration file (".htaccess" file). Obviously the rewriting module needs to be loaded inside the http server and enabled in the http host. In case you use a distributed configuration file you need to take care that it's interpretation is enabled at all in the host configuration and that it is located in the host's DOCUMENT_ROOT folder.
And a general remark: you should always prefer to place such rules in the http servers host configuration instead of using distributed configuration files (".htaccess"). Those distributed configuration files add complexity, are often a cause of unexpected behavior, hard to debug and they really slow down the http server. They are only provided as a last option for situations where you do not have access to the real http servers host configuration (read: really cheap service providers) or for applications insisting on writing their own rules (which is an obvious security nightmare).
You can do that in your routes
// web.php
Route::redirect('/', '/blog');
Route::redirect('/anything', '/blog');
I have an PlayFramework App developed using Scala running on Heroku; I only mention the development language and framework because any posts I've found regarding this issue relate to PHP! I have http and https running on a custom domain but I would like to force http requests to be redirect to https.
I've found that I need to update the .htaccess file with the following:
##Force SSL
#Normal way (in case you need to deploy to NON-heroku)
RewriteCond %{HTTPS} !=on
#Heroku way
RewriteCond %{HTTP:X-Forwarded-Proto} !https
#If neither above conditions are met, redirect to https
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
But I am not sure if it is possible or how to set up the .htaccess file using Play and Scala.
Please can someone advise? Thanks.
All you need to do is to add
play.filters.enabled += play.filters.https.RedirectHttpsFilter
In your .conf file.
It will redirect all HTTP requests to HTTPS automatically.
It only works in production mode by default. To change that, add :
play.filters.https.redirectEnabled = true
See the RedirectHttpsFilter
documentation for more.
I'm using OpenCart for my site. The icons fail to appear when you visit example.com but they do appear if you visit www.example.com.
Any ideas what is going on here?
I have just edited config.php file and removed www. and it works for naked domain but the icons do not load
// HTTP
define('HTTP_SERVER', 'http://example.com');
define('HTTP_CATALOG', 'http://example.com');
define('HTTP_IMAGE', 'http://example.com/image');
define('HTTP_ADMIN', 'http://example.com/admin');
I would redirect all non www traffic to www. This should take care of your issue with icons. It'll also prevent possible SEO issues as a result of duplicate content/pages.
If you have an apache server add a redirect to your .htaccess.
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example.com
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
What worked for me:
Go into the config.php file (please backup your file first) in the main directory of your OpenCart installation.
Under //HTTP (lines 5-8 for me), edit
lines:
define('HTTP_SERVER', 'http://example.com/shop/');
define('HTTP_CATALOG', 'http://example.com/shop/');
define('HTTP_IMAGE', 'http://example.com/shop/image/');
define('HTTP_ADMIN', 'http://example.com/shop/admin/');
to read:
define('HTTP_SERVER', '/shop/');
define('HTTP_CATALOG', '/shop/');
define('HTTP_IMAGE', '/shop/image/');
define('HTTP_ADMIN', '/shop/admin/');
.
Depending on your installation, I'm sure this could cause some problem somewhere I just haven't found it... yet... (maybe someone else could correct me -- I really don't mind; I like to learn).
This worked for me:
Add to .htaccess file this line: Header add Access-Control-Allow-Origin "your-domain.com"
Change "your-domain.com" required by the url.
If in our configuration file use: define ('HTTP_SERVER' 'http://example.com/);
Then place: Header add Access-Control-Allow-Origin "http://www.example.com/"
I tested this in opencart 2.0.
I have tried searching here but nothing worked for me. I have Joomla site and want to redirect some site urls (3-4) to use HTTPS traffic to process credit card payments. Can you please guide me how can i do it using .htaccess file? what would be the exact code?
I do not want whole site to run over ssl https but few pages.
I want these:
http://www.domain.com/city1/store
http://www.domain.com/city2/subcity/store
to use https.
Thanks
Maybe try this:
RewriteRule "^/folder(/.*)" "https://%{HTTP_HOST}$1" [R=301,L]
Look more on htaccess HTTPS