Magento Forum

   
Files accessible through https, not http
 
TheOff
Jr. Member
 
Total Posts:  2
Joined:  2010-04-27
 

Some files on my server are protected, but only via HTTP, not HTTPS.

So for example
http://www.mysite.com/protectedfile.html—results in a 403
https://www.mysite.com/protectedfile.html—is accessible and can be read as if it wasn\\\\\\\’t protected at all.

How to solve this?

 
Magento Community Magento Community
Magento Community
Magento Community
 
TheOff
Jr. Member
 
Total Posts:  2
Joined:  2010-04-27
 

Anyone? Would really appreciate it.

 
Magento Community Magento Community
Magento Community
Magento Community
 
elspood
Magento Team
 
Total Posts:  22
Joined:  2012-05-01
Magento
 
TheOff - 07 February 2013 05:01 AM

Anyone? Would really appreciate it.

This thread might be helpful:

http://www.magentocommerce.com/boards/viewthread/5553/

 
Magento Community Magento Community
Magento Community
Magento Community
 
davison
Member
 
Avatar
Total Posts:  56
Joined:  2011-09-11
 

Hi,

First you have to check for your SSL (Secure Sockets Layer) certificate, if you haven’t do it for your site. If does then keep on checking with “Secure Session Cookie with SSLwith your HTTP base url”, their is an possibilities for the middle-attack, the function session_set_cookie_params(...) with the parameter $secure. but sometimes it leaves us to the problem that we loose our session. Please check session whether its secured.

Please check and let me know.....

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
    Back to top