I have a multi-server single-store Magento setup as follows:
n webservers behind a loadbalancer at www.mydomain.com
Admin server serving the admin panel answering at admin.mydomain.com
The setup works fine, and when I go to www.mydomain.com/admin I will ultimately be redirected to admin.mydomain.com/index.php/admin. My problem is that if you go to admin.mydomain.com/store-page.html where store-page.html is a product, category, or other page, then the page is served. I don't want this to happen for both SEO reasons (we discovered this because someone posted links to our store on the admin server) and load balancing reasons. Is there a way in Magento to tell a specific server not to serve store pages?
lot of possibilities:
protect the admin with http basic authentication
make a mod_rewrite rule to redirect all requests to admin page
protect the admin domain with ip access rules etc
Related
I have two angular applications, one is for services I have listed, other is admin login and admin uses.
For 1st Application eg URL: https://example.com/
For 2st Application eg URL: https://example.com/administrator/
If I entered URL like https://example.com/administrator/login, it going to first application, how to navigate URL's like above to my second application.
How to handle this problem?.
I think you can use different modules for different tasks. Such as for users redirect to nomal url https://www.example.com and for admin or administration use https://www.example.com/admin.
.
And use canActivate guard for admin login.
Example... You.can.see my website designed in Angular.
https://www.aman-g.com
I have enabled SSL and both frontend and admin working fine in SSL mode.
Now, I want to force admin to use only http.
I have disabled "web/secure/use_in_adminhtml". But now getting too many redirects and admin website is not accessible.
Cleared magento cache and still not able to access.
Config: Magento 2.1.7, nginx, varnish, redis
I'm trying to setup Let's encrypt SSL for a Magento website at
https://turbofun.no/
It shows SSL correctly. However, the problem is if i access it using
http://turbofun.no/
It shows normal page without https. I think it should automatically redirect viewer to https because it is homepage.
I read some topics about adding rewrite rules to redirect all http to https but i just want to use https on homepage, checkoutpage, customer login page.
Do you know what i missed in configuration? Thank you
I have a Magento website up and running. Suddenly I could not Login to the website and could not add products to the website. On login, it simply redirected back to login page from admin end. And on adding product to cart it kept asking for enabling cookies.
Now I have updated the value of "web/cookie/cookie_domain" in core_config_data to "", and it started working fine, though previously the value was the domain name. Can anyone really suggest/explain why does it behave like this?
Magento also has an issue where if you use the bare domain and a subdomain to try accessing the site, it can set two cookies, one for example.com and one for subdomain.example.com.
You will have issues logging in for either front or admin sessions until you delete all the Magento cookies pertaining to your domain. Setting cookie paths, domains and redirecting all bare domain traffic to www or all www traffic to bare domain is necessary to prevent the issue.
search the web and found solutions.
Disable redirect to enable-cookies CMS page
Go to System –> Configuration –> General –> Web –> Browser Capabilities Detection –> Redirect to CMS-page if cookies are disabled = No
for more info you See this link.I hope solve your problem.
I access my website as example.com and login now i am logged in.
now if i access my website as www.example.com it show the same content ,same page evrthing same except it don't recognize the previous login session and so it show the content as a Guest user not a logged in user.
Why adding www.example.com do not recognize the session initiated in example.com ?
Have a read of this page to get a understanding on why use www and not http://www.yes-
www.org/why-use-www/. Go about half way and it will explain all cookie fun.
Using www stored cookies differently then not using it, one focuses on sharing the cookie across whole domain, where as other method only allows the cookie within the immediate subdomain.
Hope that helps clarify.