If you would like to have your Login and Admin sections on a Drupal site use HTTPS there is a very simple and easy solution. Open your settings.php file that is located in drupalroot/sites/default/settings.php.  If you have set up the $base_url variable replace it with the following PHP code.  If you haven’t set this up, use this code and replace the base URL with your site’s URL.

if (!strcasecmp(substr($_SERVER['REQUEST_URI'],0,5),'/user') && !isset($_SERVER['HTTPS'])) {
header("Location: https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
if (!strcasecmp(substr($_SERVER['REQUEST_URI'],0,5),'/user')) {
$protocol = "https";
}
else {
$protocol = "http";
}
$base_url = $protocol . "://www.example.com";


Enjoy!

bookmark to:

Related posts:

1. Drupal is spreading: Recovery.org Until recently one of the largest sites using Drupal was the Onion.  The new White House sponsored site, Recovery.org, has...
2. Whitehouse.gov goes Drupal From Dries Buytaert: Whitehouse.gov using Drupal Big, exciting news! The flag ship website of the U.S. government, Whitehouse.gov, just relaunched...

This entry was posted by Dave Look, on Monday, November 9th, 2009 at 4:31 pm and is filed under Drupal, Web / Interactive. Tagged with: drupal, https, open source, php, security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.