Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Implementing SSL Certificate in CMS Admin and on Specific Pages


Reply


3 Posts   2118 Views

Avatar
Hello_electro

Community Member, 80 Posts

1 July 2010 at 1:19pm

Hi Everyone:

I will be developing a website in which the company has some specific requirements for how certain pages are handled. For example, due to the sensitivity of some of the administration of the CMS and also the information being provided via front end forms, they require these pages to be behind an SSL.

IS there a difficult process to do this? Does anyone know of good documentation for this? I have searched and have found some older posts, but nothing with real good documentation.
ANy help/direction would be greatly appreciated.

I will wind up building using the newest stable release of SS.

Avatar
Howard

Community Member, 215 Posts

1 July 2010 at 3:29pm

Hey yea it's built in - you can put the whle site into SSL mode by adding Director::forceSSL() to your config. You can also just have certain page types use SSL by putting it in their controller.

Have a look at http://doc.silverstripe.org/ssl

Avatar
Hello_electro

Community Member, 80 Posts

2 July 2010 at 1:19am

Hi Howard:

I saw this but was a little confused being that I am not overly proficient in some areas.

"MySecurePage" would be what ever page type i need to be behind ssl?

Where do i add the second part of that code?

class Page_Controller extends ContentController {

function init() {
parent::init();
if ( !$this->SecurePage() ) {
$this->force_HTTP();
}
}

function SecurePage() {
return false;
}

// if we are on https, redirect to the http version of this page's URL
function force_HTTP() {
$page_url = Director::absoluteURL( $_SERVER['REQUEST_URI'] );
$https_regex = '{^https:}';
if ( preg_match( $https_regex, $page_url ) ) {
$new_url = preg_replace( $https_regex, 'http:', $page_url );
Director::redirect($new_url);
}
}
}

Also- what about for the Administration part? Can you help direct me to where i would edit the code to force the entire admin area into ssl?

Sorry for being the laymen!!!