Jamit Software Forum

Jamit Job Board Customers => User-to-User Support => Topic started by: Peter on June 17, 2010, 02:46:56 am



Title: HTTPS for Admin folder
Post by: Peter on June 17, 2010, 02:46:56 am
Here is a good way to enforce HTTPS on your Admin folder, so that passwords (and any other information passed between you and the server) is encrypted.

Open the file /admin/index.php and add this code to the VERY TOP (before anything else):

Code:
<?php

if (!isset($_SERVER["HTTPS"]) || (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] != "on")) {
// reload page with HTTPS
header("Location: https://".$_SERVER["SERVER_NAME"]. $_SERVER["REQUEST_URI"]);
ob_flush();
exit;
}

?>

Of course, this will work only if you have an SSL certificate. BTW, I am using a hosting account with the PLESK control panel and it is very easy to create self-signed SSL certificate (for free).

If you use the above modification, there is no need to modifiy your .htaccess file. I have verified this to work on my Apache server, and there is a good chance that it may work on other servers as well.