using app/etc/config.xml to secure specific pages

Wegento · ‎09-16-2015

I can force all page elements to utilise https by placing this code in the app/etc/config.xml:

<frontend>
<secure_url>
<all>/</all>
</secure_url>
</frontend>

But I only want the login, create account, cart, checkout and contact page to be secure.

If I use something like this:

<frontend>
<secure_url>
<checkout_cart>/checkout/cart</checkout_cart> 
</secure_url>
</frontend>

It doesnt work - The page uses https but isnt fully secure as there are unsecure elements on the page.

iweb_smartie · ‎09-16-2015

Hi there.

You can acheive most of what you are after by changing some settings in the admin area. As long as your secure url is set correctly in system configuration and you have turned on "use secure urls in the frontend", your checkout, login and register pages would forward to https.

Now as for your contacts page; this is a bit more trickey to do out of the box and would require a custom rule outside of the system configuration but at this point my question is why not just make your entire site run under https? It is now considered best practice and is looked favourably on by google. There are some things to consider if decidiing to do that though.

Regards,

Andy

Problem solved? Click Accept as Solution!
www.iwebsolutions.co.uk | Magento Small Business Partner

support_tmaid · ‎07-05-2019

Thanks for your answer.

Do you an example please ?

Is it something like that :

 <frontend>
 <secure_url>
 http://www.my_url.fr
 </secure_url>
 </frontend>

mcaashu133 · ‎07-09-2019

No don't need to do anything in config.xml. Go to admin>System > Configuration > General > Web

using app/etc/config.xml to secure specific pages

using app/etc/config.xml to secure specific pages

Re: using app/etc/config.xml to secure specific pages

Re: using app/etc/config.xml to secure specific pages

Re: using app/etc/config.xml to secure specific pages