Jump to content

Recommended Posts

Posted

Hallo!

I'd like to force SSL (port 443) for the back-end (./processwire/) and prevent the users from loging to the back-end using non-encrypted connection.
What seems to be the best way to achieve it?


Best regards,
Mick

Posted

Does it have to just be the backend? I don't think there's any harm in setting the whole site to SSL if you want to be on the safe side.

Posted

If your admin is located at /processwire/ it looks like the easiest thing to do is edit your .htaccess file and add this solution to it  after RewriteEngine On:
 http://stackoverflow.com/questions/9642877/redirect-only-one-folder-to-https-all-others-to-http

Remember to leave the RewriteEngine On line off the example (don't want it in the .htaccess file twice) and change secure to processwire from the example.

Should work but I've not tested it.

Posted

Templates -> Filters -> Show System Templates : look for "admin" template. Edit and go to -> "URLs" and look for https etc.

  • Like 7
  • 3 weeks later...
Posted

A great answer from Soma. However, here's a further question around this topic ...

I quite often take a backup of the server DB and install it locally when I want to work on the site. Generally, the data is more up to date on the server than on my local copy.

If I install the backup from the server, I have no SSL certificate locally and I cannot get into the Admin section.

Any suggestions as to how to get around this?

Thanks.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...