https on site

[mrtrung]

I turned the https on in the config and I see that it works but when I leave the area of the site that doesn't need to be https it doesn't redirect back to http. This is an issue for SEO. Did I miss something or does it not redirect back to http?

[jjk]

Maybe this one helps:
http://forum.virtuemart.net/index.php?topic=96053.msg358074#msg358074
or
http://extensions.joomla.org/extensions/site-management/url-redirection/11326
or
http://forum.virtuemart.net/index.php?topic=97847.msg336952#msg336952
Let us know if one of the above works for you

[Click SSL]

URL rewrite can help with this. Below code should be solve your issue.

HTTPS to HTTP in IIS7

<rule name="No-https" enabled="true" stopProcessing="true">
                    <match url=".*" negate="false" />
                    <action type="Redirect" url="http://{HTTP_HOST}{REQUEST_URL}" />
                    <conditions>
                        <add input="{HTTPS}" pattern="on" />
                        <add input="{URL}" pattern="owa" negate="true" />
                    </conditions>
                </rule>


HTTPS to HTTP in Apache Server

<?php
if  ( $_SERVER['HTTPS'] )
        {
                $host = $_SERVER['HTTP_HOST'];
                $request_uri = $_SERVER['REQUEST_URI'];
                $good_url = "http://" . $host . $request_uri;
                header( "HTTP/1.1 301 Moved Permanently" );
                header( "Location: $good_url" );
                exit;
        }
?>

[gfxpixeldesigns]

I'm seeing this same issue too, having previously been running virtuemart 1.9.x our secure area would always go back to http, for instance when in the cart area (https) clicking a menu link or the logo would immediately take you back to the non secure http area. In virtuemart 2 this is no longer the case, it doesnt appear to be a template issue as its present in the default template aswell as any custom templates. Is there any other solution other than rewrites as rewrites do tend to slow things down...if theres no other solution how would we go about implementing the above solution ?
Thanks

[jjk]

It works on my site using Joomla 2.5.8 and VirtueMart 2.0.16.
As far as I know, if it doesn't work, it usually is related to SSL settings in Joomla and the way the Joomla cache works. (If you have dynamic content, like a shop, Joomla cache should be disabled)

I'm using the following settings:
Joomla cache = Off
Joomla menu items linking to secure Virtuemart views like the cart, customer's order history or customer's account: Secure = On
All non-SSL menu items: Secure = On (Joomla default is 'Ignore')

To edit your menu items, go to Menu Manager: Edit Menu Item - Metadata Options - Secure = On/Off/Ignore

[gfxpixeldesigns]

Thats what i first thought that it was a caching issue but after testing both with the cache on and off i've found it not to be the cache at fault. I have exclusion rules setup with jotcache aswell to prevent this sort of thing but in either case its the same with the cache on or off so im pretty certain i can rule a caching problem out.

My settings are identical only all my menu items are set to secure = off as i only need the cart area to be secure. If i set them to secure = on would that not result in all areas going to ssl ?

Also can you confirm when entering your secure cart area (https) you can click any link not directly associated with the cart and be taken back to http ie menu links, virtuemart categories (i have a module set in the left position). If this is the case i must be missing something as mine always goes back to https. The only links that stay in http are my menu links as i have them set to secure = off but everything else is set to https.

[jjk]

I had a typo in my previous post (now corrected). Cart links, etc. are of course set to Secure = On

My settings are identical only all my menu items are set to secure = off as i only need the cart area to be secure. If i set them to secure = on would that not result in all areas going to ssl ?

Yes

Also can you confirm when entering your secure cart area (https) you can click any link not directly associated with the cart and be taken back to http ie menu links, virtuemart categories (i have a module set in the left position). If this is the case i must be missing something as mine always goes back to https. The only links that stay in http are my menu links as i have them set to secure = off but everything else is set to https.

Going from secure cart links to Joomla article links or VirtueMart category links does switch from https to http on my site. Going from a secure cart link to VM manufacturer or product views keeps https.

However, I think as as long as the customer stays inside https after first visiting an https area (usually after adding a product into the cart), it doesn't hurt if the shop keeps https. Google bots don't add products to the cart, so I think there is no problem. Google's Webmaster Tools don't complain about duplicate content if the shop is accessible with http and https.

[PRO]

http://forum.virtuemart.net/index.php?topic=103554.0

I use this code
in templates
productdetails/default.php
category/default.php


<?php
/* Back to http */
   $currentcheck = JURI::current();
         $comparethis = str_replace( 'https:', 'http:', $currentcheck );
      if ($comparethis !== $currentcheck){
       $app = JFactory::getApplication();
$app->redirect($comparethis, null, null, true, true);
       }   
?>


I ALSO do the REVERSE to force https on account pages so they can pass PCI compliance

[gfxpixeldesigns]

Thanks Pro,

I've implemented the above and non ssl areas are redirecting back to http.

Hopefully a better solution will be provided in time ideally without the use of redirects but for now this is fine.

For anyone else looking for a solution heres exactly what i have setup now ...

1. Download and install the plugin from http://forum.virtuemart.net/index.php?topic=103554.0
2. Enable the plugin
3. In the virtuemart configuration section under the shop tab, enable ssl for sensitive areas
4. For each of your menu items in the menu manager set the secure option to = off
5. Enable the plugin 'System - SSLRedirect' and under advanced exclude com_virtuemart
6. Finally add the code provided by PRO in the post above

Test, test, test, and test again to ensure its working.

[PRO]

Thanks Pro,

I've implemented the above and non ssl areas are redirecting back to http.

Hopefully a better solution will be provided in time ideally without the use of redirects but for now this is fine.

For anyone else looking for a solution heres exactly what i have setup now ...

1. Download and install the plugin from http://forum.virtuemart.net/index.php?topic=103554.0
2. Enable the plugin
3. In the virtuemart configuration section under the shop tab, enable ssl for sensitive areas
4. For each of your menu items in the menu manager set the secure option to = off
5. Enable the plugin 'System - SSLRedirect' and under advanced exclude com_virtuemart
6. Finally add the code provided by PRO in the post above

Test, test, test, and test again to ensure its working.

THE PLUGIN does NOT work with SEF urls. (because its a system plugin)

BUT using the code will always work