Switching to HTTPS in Opencart

OpenCart is an e-commerce platform focused on creating online stores.

file

As benefits of the software, the official site notes the following points:

Open source code.
Documentability of the software.
Unlimited categories, products and their manufacturers.
Unlimited information pages.
Support of multilingualism and translation.
Set your own themes.
Built-in modules:
- customer feedback;
- product rating system;
- system of changing the size of images;
- system of displaying related products;
- system of discounts and coupons;
- delivery method selection system.
Possibility to specify several tax rates.
Ability to specify product weight without and with packaging and dynamically calculated cost.
Search engine optimization.
Unlimited modular system, for creating multiple stores on one platform.
Backup and recovery tools.
Error reporting.
Error logging.

Migration of the site to https protocol provides protection against attacks based on sniffing the network connection

To do this in the config.php file in the root directory of your site, change the URL to HTTPS:

// HTTP
define('HTTP_SERVER', 'https://mecmep.site/');  

// HTTPS
define('HTTPS_SERVER', 'https://mecmep.site/');

file

Next, in the admin folder, also open config.php and add the HTTPS protocol:

// HTTP
define('HTTP_SERVER', 'https://mecmep.site/admin/');  
define('HTTP_CATALOG', 'https://mecmep.site/');  

// HTTPS
define('HTTPS_SERVER', 'https://mecmep.site/admin/');  
define('HTTPS_CATALOG', 'https://mecmep.site/');

file

HTTPS settings in the OpenCart admin panel

Log in to your site's admin panel via a link like http://имя_сайта/admin
Then go to System - Settings and click on the edit icon next to your store.

file

On the Server tab, under Use SSL, check Yes and save the settings.

file

Set up HTTPS redirects in .htaccess

Next, configure redirects for all visitors to HTTPS
The following rules should be added to .htaccess in the root folder of the site between lines RewriteEngine On and RewriteBase /.

If you have the main site mirror without www:

RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]  
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]  
RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]  
RewriteCond %{HTTP:X-Forwarded-Proto} =""  
RewriteCond %{HTTP:X-HTTPS} !1 [OR]  
RewriteCond %{HTTPS} !=on  
RewriteCond %{REQUEST_URI} !robots\.txt  
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

If you have a primary mirror with www:

RewriteCond %{HTTP_HOST} !^www\.(.*)$ [NC]  
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]  
RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]  
RewriteCond %{HTTP:X-Forwarded-Proto} =""  
RewriteCond %{HTTP:X-HTTPS} !1 [OR]  
RewriteCond %{HTTPS} !=on  
RewriteCond %{REQUEST_URI} !robots\.txt  
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

If you have any configuration difficulties or any additional questions, you can always contact our support team via ticket system.