Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

SS with HTTPS on a shared webhoster


Reply


3 Posts   2117 Views

Avatar
Devlin

Community Member, 225 Posts

30 July 2010 at 1:27am

Edited: 30/07/2010 1:56am

Hi there,

Finally I have a question for the community too. Hurray!!!

I'm using HTTPS through my hosters SSL proxy so there is no need for me to buy a own SSL certificate.
The URL for this is "https://ssl.webpack.de/[www.domain.de]/[subdir]/" but the result is something I would name "redirect hell".

I traced the problem a little and found out that:
- SS defines BASE_URL with "https://ssl.webpack.de/[subdir]/" -- with out [www.domain.de] -- and wants of course to redirect to "https://ssl.webpack.de/[subdir]/"
- and URLSegment is [subdir] -- instead of home or something else.

Any help is appreciated.

Avatar
Devlin

Community Member, 225 Posts

30 July 2010 at 2:11am

Edited: 30/07/2010 2:17am

Ok Director::$alternateBaseURL actually works.

Director::$alternateBaseURL = "https://ssl.webpack.de/[www.domain.de]/[subdir]/";

Next problem: BackURL for the login form doesn't work, because [www.domain.de] is missing again.
Fixed it with:

$_SERVER['REQUEST_URI'] = "/[www.domain.de]".$_SERVER['REQUEST_URI'];

Next problem: SS won't let me login. I get a error message with wrong login credentials... but with correct credentials (no error-message) there is no redirect nor is the login session saved.

Avatar
Devlin

Community Member, 225 Posts

10 August 2010 at 4:00am

"Next problem: SS won't let me login. I get a error message with wrong login credentials... but with correct credentials (no error-message) there is no redirect nor is the login session saved."

Yeah, found it. It seems that @session_start() in Session::start() never was called because my hoster actually sends some headers before me.

So, everything seems to work now.

For those of you, who are customers of HostEurope and want to use SSL with SilverStripe - especially security/login - than you want to add the following lines into your _config:

// workaround to get SS working with ssl.webpack.de
if( !session_id() ) @session_start();
$_SERVER['REQUEST_URI'] = "/www.domain.com".$_SERVER['REQUEST_URI']; // needed for ?BackURL=
Director::$alternateBaseURL = "https://ssl.webpack.de/www.domain.com/somesubdirectory/";
//Director::forceSSL(); // do not force SSL because of to many redirects. Director::$alternateBaseURL is forcing SSL