Simple question: how do I setup https for admin side only?

Next topic

Author	Message
Josh Rader	Saturday 13 June 2009 11:20:30 am I solved the problem in my other post, but I am having problems getting https to work for the admin side of our website. Our admin side of the site is a site access with the name "site_admin". When I go to https://url/site_admin it kicks me back to http://url/site_admin. I tried editing a bunch of different things in the site.ini file, but nothing worked, it still redirects back to http. Here is part of the site.ini.append.php file that is located in the "site_admin" site access folder: ?php /* #?ini charset="utf-8"? [InformationCollectionSettings] EmailReceiver= [SiteSettings] SiteName=work site SiteURL=url LoginPage=custom SSLPort=443 [UserSettings] RegistrationEmail= [SiteAccessSettings] RequireUserLogin=true RelatedSiteAccessList[]=site_admin ShowHiddenNodes=true [DesignSettings] SiteDesign=site_admin AdditionalSiteDesignList[]=admin [DebugSettings] DebugOutput=disabled Debug=inline DebugRedirection=disabled [TemplateSettings] Debug=disabled ShowXHTMLCode=disabled ShowUsedTemplates=disabled [DatabaseSettings] SQLOutput=disabled [SSLZoneSettings] SSLZones=enabled SSLSubtrees[]=/site_admin # ModuleViewAccessMode[shop/add]=ssl # ModuleViewAccessMode[shop/basket]=ssl # # Do not remove this line unless you know what you're doing */ ?> I use URI access method. Questions: Is 'site_admin' considered an SSLSubtree? Do I need to do anything with ModuleViewAccessMode settings? I just want everything http://url/site_access to be https. It's not sticking. Thanks.
André R.	Tuesday 23 June 2009 2:32:12 am "Is 'site_admin' considered an SSLSubtree? " No, siteaccess is matched and removed from url before the ssl code is even started, so this will never work. You'll have to use host matching setup and use a seperate sub domain for admin to get this to work correctly. But.. Did you try using just this for the settings/siteaccess/site_admin settings? [SSLZoneSettings] SSLZones=enabled SSLSubtrees[]=/ eZ Online Editor 5: http://projects.ez.no/ezoe \|\| eZJSCore (Ajax): http://projects.ez.no/ezjscore \|\| eZ Publish EE http://ez.no/eZPublish/eZ-Publish-Enterprise-Subscription @: http://twitter.com/andrerom
Josh Rader	Thursday 02 July 2009 10:45:50 am Thanks for the reply, Andre. I got it working. I set the SSLZoneSettings as: [SSLZoneSettings] SSLZones=enabled SSLSubtrees[]=/ Then set each Module as [<module name>/*] =SSL and it worked.

Author

Message

Saturday 13 June 2009 11:20:30 am

I solved the problem in my other post, but I am having problems getting https to work for the admin side of our website. Our admin side of the site is a site access with the name "site_admin". When I go to https://url/site_admin it kicks me back to http://url/site_admin. I tried editing a bunch of different things in the site.ini file, but nothing worked, it still redirects back to http. Here is part of the site.ini.append.php file that is located in the "site_admin" site access folder:


?php /* #?ini charset="utf-8"?

[InformationCollectionSettings]
EmailReceiver=

[SiteSettings]
SiteName=work site
SiteURL=url
LoginPage=custom
SSLPort=443

[UserSettings]
RegistrationEmail=

[SiteAccessSettings]
RequireUserLogin=true
RelatedSiteAccessList[]=site_admin
ShowHiddenNodes=true

[DesignSettings]
SiteDesign=site_admin
AdditionalSiteDesignList[]=admin

[DebugSettings]
DebugOutput=disabled
Debug=inline
DebugRedirection=disabled

[TemplateSettings]
Debug=disabled
ShowXHTMLCode=disabled
ShowUsedTemplates=disabled

[DatabaseSettings]
SQLOutput=disabled

[SSLZoneSettings]
SSLZones=enabled
SSLSubtrees[]=/site_admin

# ModuleViewAccessMode[shop/add]=ssl
# ModuleViewAccessMode[shop/basket]=ssl
#
# Do not remove this line unless you know what you're doing
*/ ?>

I use URI access method.

Questions:

Is 'site_admin' considered an SSLSubtree?
Do I need to do anything with ModuleViewAccessMode settings? I just want everything http://url/site_access to be https. It's not sticking. Thanks.

André R.

Tuesday 23 June 2009 2:32:12 am

"Is 'site_admin' considered an SSLSubtree? "

No, siteaccess is matched and removed from url before the ssl code is even started, so this will never work.
You'll have to use host matching setup and use a seperate sub domain for admin to get this to work correctly.

But..
Did you try using just this for the settings/siteaccess/site_admin settings?

[SSLZoneSettings]
SSLZones=enabled
SSLSubtrees[]=/

eZ Online Editor 5: http://projects.ez.no/ezoe || eZJSCore (Ajax): http://projects.ez.no/ezjscore || eZ Publish EE http://ez.no/eZPublish/eZ-Publish-Enterprise-Subscription
@: http://twitter.com/andrerom

Josh Rader

Thursday 02 July 2009 10:45:50 am

Thanks for the reply, Andre. I got it working. I set the SSLZoneSettings as:

[SSLZoneSettings]
SSLZones=enabled
SSLSubtrees[]=/

Then set each Module as [<module name>/*] =SSL

and it worked.