SSL issue: entire site remains on https once a "sensitive area" is visited

alpertheidiot · April 01, 2012, 22:49:20 PM

once a sensitive area like "cart" is visited, links change from http to https. this is fine. but when you go back to non-sensitive areas, such as homepage, or delivery information etc, it stays on https. Is there way to configure this so that only intended areas https and other pages remain as http?

this was handled quite nicely with VM 1.1.x where you can select which areas to use SSL. and also there was an option "generally prevent https connections". maybe these options still present in VM 2.0.x but I couldnt locate them.

thanks

alpertheidiot · April 15, 2012, 21:50:18 PM

VM 2.0.4 and Joomla 2.5.4 and issue still remains unresolved. any solution to this?

shargreaves91 · April 16, 2012, 00:35:21 AM

I'm running Joomla 1.5 and you mention that this feature is available for this version.

How do you go about changing the pages back to HTTP after a HTTPS connection?

alpertheidiot · April 16, 2012, 00:40:20 AM

VM configuration > Security : tick "generally prevent https connections"

Dokho · April 24, 2012, 01:24:40 AM

I have the same problem

Quote from: alpertheidiot on April 16, 2012, 00:40:20 AM
VM configuration > Security : tick "generally prevent https connections"

I don't find this option, does anybody get a solution for this?

gsullins · April 26, 2012, 05:23:42 AM

I too am looking for this in VM2. Most specifically because after the checkout area is visited, and you click on a https link there, to go back to shopping for instance, the rest of the site remains https, which actually causes a problem with the "add to cart" buttons - because the session ID is lost - at least in Firefox, so the add to cart buttons do not work any longer. IF I change the url on the page back to http, then the add to cart button works again. So the "generally prevent https", besides sensitive pages during checkout would be very, very, very helpful. Maybe this can be done with the .htaccess file??

Appreciate future solutions.

PRO · April 26, 2012, 22:11:49 PM

Quote from: gsullins on April 26, 2012, 05:23:42 AM
I too am looking for this in VM2. Most specifically because after the checkout area is visited, and you click on a https link there, to go back to shopping for instance, the rest of the site remains https, which actually causes a problem with the "add to cart" buttons - because the session ID is lost - at least in Firefox, so the add to cart buttons do not work any longer. IF I change the url on the page back to http, then the add to cart button works again. So the "generally prevent https", besides sensitive pages during checkout would be very, very, very helpful. Maybe this can be done with the .htaccess file??

Appreciate future solutions.

This does not happen with me.

It could be a problem with your server setup

Dokho · April 27, 2012, 01:19:57 AM

Quote from: gsullins on April 26, 2012, 05:23:42 AM
I too am looking for this in VM2. Most specifically because after the checkout area is visited, and you click on a https link there, to go back to shopping for instance, the rest of the site remains https, which actually causes a problem with the "add to cart" buttons - because the session ID is lost - at least in Firefox, so the add to cart buttons do not work any longer. IF I change the url on the page back to http, then the add to cart button works again. So the "generally prevent https", besides sensitive pages during checkout would be very, very, very helpful. Maybe this can be done with the .htaccess file??

Appreciate future solutions.

This is what happens to my website, when I'm in a sensitive site and I wish to continue shopping, the https persists and add to cart button stops working.

willxiao0790 · April 28, 2012, 17:12:08 PM

I got the same problem, once we're back to other sections of website (such as blog), https SSL is still enabled.

I'm using J2.5.4 and VM2.0.6

dragonita · May 09, 2012, 11:07:13 AM

Quote from: BanquetTables.pro on April 26, 2012, 22:11:49 PM
Quote from: gsullins on April 26, 2012, 05:23:42 AM
I too am looking for this in VM2. Most specifically because after the checkout area is visited, and you click on a https link there, to go back to shopping for instance, the rest of the site remains https, which actually causes a problem with the "add to cart" buttons - because the session ID is lost - at least in Firefox, so the add to cart buttons do not work any longer. IF I change the url on the page back to http, then the add to cart button works again. So the "generally prevent https", besides sensitive pages during checkout would be very, very, very helpful. Maybe this can be done with the .htaccess file??

Appreciate future solutions.

This does not happen with me.

It could be a problem with your server setup

Joomla 1.7.4 & VM 2.0.2 and the same issue. I just enable the SSL on VM configuration settings, but not in Joomla configuration...and I guess this has nothing to do with it.
On the other hand it´s hosted on a shared linux machine with a SSL configured as the host says:

"We have mapped the URL:-

https://web34.secure-secure.co.uk/DOMAIN.com/ to http://www.domain.com

Please note the s in https.

This means that any files that are hosted on your main website can also be loaded securely, just link to this URL when you need to securely load a page"

If you think is the server config....any idea?

btw, when I use google chrome I do not get a green https on the checkout, Y get https with a cross on it...Google says that the certificate or some are not secure..... I´m lost...

JohnHunter · June 05, 2012, 18:14:46 PM

I posted a quick fix here:
http://forum.virtuemart.net/index.php?topic=91426.15

a simple template change, hasn't been tested with SEF on

News:

SSL issue: entire site remains on https once a "sensitive area" is visited

alpertheidiot

alpertheidiot

alpertheidiot