Closed (duplicate)
Project:
Secure Pages
Version:
6.x-1.7-beta2
Component:
Miscellaneous
Priority:
Normal
Category:
Bug report
Assigned:
Unassigned
Issue tags:
Reporter:
Created:
19 Jan 2009 at 07:06 UTC
Updated:
6 Feb 2012 at 10:44 UTC
Jump to comment: Most recent
Comments
Comment #1
superkt commentedApparently it has something to do with Shared SSL (which I use).
Huh.
Comment #2
NazMan commentedHi,
This has nothing to do with the shared SSL.
This code:
returned no $_SERVER['HTTPS']
When I run
phpinof();using Shared SSL $_SERVER[SERVER_PORT] => 443 but $_SERVER['HTTPS'] is not visible.I kept digging and found a couple of posts suggesting an issue with the hosting. Something about the load balancer dealing with SSL making it transparent to the Web Server.
I found two links that may help you if you have access to your Apache configuration files:
http://www.mellonway.com/Apache2_SSL_Proxy_for_Drupal
and:
If anyone thinks of something else...
Thanks
Comment #3
torgospizzaAh yes, we went through this with our new host. If they are using a load balancer you have to actually enable the secure ports 443 (and sometimes 8443) in the config itself. That's not a Drupal issue per se but something you should contact your host about.
Comment #4
NazMan commentedHi,
Some people are going to say we should use Secure Pages module and I agree. Unfortunately some times it does not work because of the web hosting services...
After a few days googling I found a work around using .htaccess
This code will make sure that you stop using HTTPS when you are not in the checkout, the login or the user pages !(cart/checkout|user|login):
This code will make sure that you START using HTTPS when you are in the checkout, the login or the user pages (cart/checkout|user|login):
Note that you can use as many pages needed in https/http by including their name inside the (pagename1|pagename2|pagename3|....|....|....). Make sure to separate the page names using |.
Comment #5
webcyt commentedI also have had the problem of greyed out "enable secured pages"!
My host provides a plesk panel, under the Hosting "setup" icon the is an option to enable "SSL Support" this still does not enable secured pages but you can also check the box "Use a single directory for housing SSL and non-SSL content", I have found that
"enable secured pages"! on drupal can now be enabled.
I am not sure if this is a reccomended drupal workaround since I dont fully understand what further issues this might pose? perhaps someone could enlighten us.
But at least the drupal sytem is happy. and it seems to be working ok for me!
Comment #6
Anonymous (not verified) commentedI haven't gone through all of this convesation but it looks as though we need to distill all of the great
advice here into the modules documentation.
Any body feel up to this challenge ?
Best,
Paul Booker
Appcoast
Comment #7
minoroffense commentedBeyond the hosting provider specific issues, should the securepages_is_secure function not look like this?
(see securepages.module)
Since a user can use
SetEnv HTTPS onorSetEnv HTTPS 1in your host definition?Comment #8
emeelio commentedThis is what worked for me:
http://www.ubercart.org/forum/support/10407/cannot_enable_secure_pages_m...
Comment #9
grendzy commentedI agree this needs to be better documented - discussion has been moved to #360893: "Enable Secure Pages" greyed out - no _SERVER["HTTPS"] on phpinfo...Dunno what to do! .
In the meantime there's some more detailed instructions on http://www.metaltoad.com/blog/running-drupal-secure-pages-behind-proxy (even if you don't use a proxy this explains how to set $_SERVER['HTTPS'] on non-standard web servers).
Comment #10
VanessaM commentedThis was the only solution I found to solving the problem I have been having since installing SecurePages on my site containing SSL. The problem was that once I was on an https page, and then clicked on a non secure page, the url still stayed https. Thank you so much!!!!
Comment #11
VanessaM commentedI get security errors on the page when I used the above code in #4. Any ideas why?
I am running on server:Apache 2.2.21 using Php 5.3.8