302: How to get Magento to use both regular and secure connections
Many site owners want customers to be able to access their Magento catalog via normal http protocol, but switch over to https (secure) protocol for checkouts. This helps secure the data and prevent snooping or insecure data collection that can result in identity theft or other malicious activities.
To enable Magento to function with both protocols, it must be set up in a particular way. The instructions below demonstrate how to set up your Magento installation so that it can use both regular and secure protocols.
This article assumes you have purchased and SSL for your site. Please see our articles on SSL information if you need one.
- Install Magento using the regular standard http protocol. This example demonstrates an installation being done with the Softaculous software installer. Note that we selected the http protocol from the Choose Protocol dropdown list.
- After your Magento installation is complete, log into your Magento Admin panel. Our magento test site is located at magento.inmotiontesting.com so the admin login is located at magento.inmotiontesting.com/admin.
- From the admin dashboard, using the top menu bar, hover over the System option and click on Configuration from the pop-up menu.
- This brings you to the configuration section. Using the left hand sidebar and click on the Web option found in the General section. This will display the Web options in the right-hand panel.
- Click on the Secure label so the options will expand. From there, find the field entitled Use Secure URLs in Frontend and select the Yes option from the dropdown.
- Once the option is set, click the Save Config button found in the upper right corner of the scree to save the changes. This enables your SSL security certificate to perform when a customer checks out.