SSL Secured Pages

6 years ago
Hi

i am wondering, when i install a SSL certificate, using the default source code, which pages are secured? (ie, checkout, admin?).

Also can the non-encrypted pages be at www.xxx.com, and the secured pages from secure.xxx.com ? how would i go upon doing this?
5 years ago
If you install ssl certificate and enable ssl ( admin -> configuration->stores -> edit -> enabled ssl) usually all pages those have 'form' input like cart, checkout, login, registration, review, admin area  come with https

The pages those have no form input like home, product list, product details pages come with http

FYI: we can enable SSL for the entire nopcommerce site by setting up
SecuritySettings.ForceSslForAllPages = true

To do that go to

Admin --> Configuration --> Settings ---> All Settings (Advanced)

Click the funnel type icon next to 'Setting Name' column. Using that filter, filter for "SecuritySettings.ForceSslForAllPages" and update the setting.
5 years ago
Hello, i just did the SecuritySettings.ForceSslForAllPages = true
and
in admin enabled SSL.

Now I cant open the website and admin panel anymore.

So I cant undo this setting, I think. Please help
5 years ago
Bosch88 wrote:
Hello, i just did the SecuritySettings.ForceSslForAllPages = true
and
in admin enabled SSL.

Now I cant open the website and admin panel anymore.

So I cant undo this setting, I think. Please help


You have to have ssl certificate installed, and try restart application pool
5 years ago
Bosch88 wrote:
Hello, i just did the SecuritySettings.ForceSslForAllPages = true
and
in admin enabled SSL.

Now I cant open the website and admin panel anymore.

So I cant undo this setting, I think. Please help


Hi Bosch88,

I am afraid you will have to revert these settings directly in the database, as you will not be able to login to the admin without having an SSL certificate installed. So just open your database and search in the Store table for your store and edit the SslEnabled column with value of false. Do the same with the Settings table and search for a setting with name SecuritySettings.ForceSslForAllPages .

Hope that helps!
5 years ago
Thank you for these fast replies.
I wish i did not touched that setting.
Were can i find this database :')
5 years ago
Bosch88 wrote:
Thank you for these fast replies.
I wish i did not touched that setting.
Were can i find this database :')


Hi,

If your site is hosted you should reach your database either through your control panel or through a remote connect using SQL Server Management Studio for example.
If you are running the site locally you should access your database through sql server management studio.

Hope that helps!
5 years ago
Bosch88 wrote:
Thank you for these fast replies.
I wish i did not touched that setting.
Were can i find this database :')


update [dbo].[Setting]
set Value='false'
where name = 'SecuritySettings.ForceSslForAllPages'


update [dbo].[Store]
set SslEnabled = 0




You may need to  restart application pool
5 years ago
Thank you Guys!
Poof, it's gone :)

Many Thanks.
5 years ago
We figured out we still have a problem, which was mentioned earlier.

The site is visable and online.

But I can;t seem to be able to logg in the admin menu.

how do i reverse the setting that caused this problem?

Kind Regards,