Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.

For new questions please post at magento.stackexchange.com, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email community@magento.com.

Magento Forum

Secure admin area? 
 
macsmart
Jr. Member
 
Total Posts:  29
Joined:  2007-08-31
Greensboro, NC
 

Is there a way to make all access to admin via a secured / SSL connection? As is, I can access the login page by secure connection, but everything after that forwards back to the default non-SSL pages…

Thanks!

 
Magento Community Magento Community
Magento Community
Magento Community
 
Moshe
Magento Team
 
Avatar
Total Posts:  1770
Joined:  2007-08-07
Los Angeles
 

Good point smile

1. Go to Admin / System / Cache Management , make sure all the caches are Disabled.

2. Add this in app/code/core/Mage/Core/Controller/Varien/Router/Admin.php before “// get controller name” line (near 63):

$shouldBeSecure Mage::getStoreConfig('web/secure/protocol')==='https';
        
$isSecure = (bool)$request->getServer('HTTPS');
        if (
$shouldBeSecure!=$isSecure{
            $url 
Mage::getModel('core/url')
                ->
setSecure($shouldBeSecure)
                ->
getHostUrl();
            
$url .= $request->getRequestUri();
            
Mage::app()->getFrontController()->getResponse()
                ->
setRedirect($url)
                ->
sendResponse();
            exit;
        
}

3. Add this in app/code/core/Mage/Adminhtml/etc/config.xml right before </config> near end of the file:

<!-- start here -->
   <
frontend>
        <
secure_url>
            <
admin>/admin</admin>
        </
secure_url>
   </
frontend>
<!-- 
end here -->
</
config>

4. Go back to Admin / Cache management and select “Clean and Enable” for all caches, and Save.

You should be all set, and this is going to be configurable for future versions.

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top