Setting up ssl in joomdle/joomla/moodle/virtuemart config

Since Joomdle deals with merging all these pieces, I thought this would be the best place to find this info... I'm ready to turn on ssl and I'm not sure the best steps and order for doing this. I can't seem to find anything that gives a hint about this process, but it would be unique to this situation, so let's get some info up here for the wiki.

I should turn on the ssl cert on the server first (which depends on your server), but then what?
which settings do I change in moodle? No one but admin will log into moodle.
which settings do I change in joomdle? should the "moodle url" have the https in it?
what settings do I change in joomla? I don't want a lot of security warnings as people go thru the site.
and what settings do I change in virtuemart? The credit card stuff is why we're even getting the ssl.

is that the best order to do this? or would I lock myself out of something, lol?

If I find answers somewhere else, I will post back here.

Moodle

Moodle has an option to enable login pages to force the HTTPS protocol. This is recommended but requires that your web server is configured for SSL. It is possible to run the whole site over HTTPS (typically by configuring Apache to rewrite all http:// URLs to https://) but as this disables caching, there is a considerable performance hit. Only do this if you have a very good reason.

WARNING: Before switching on login over HTTPS, make very sure that HTTPS is working (just change the http:// to https:// in any Moodle URL). If not, you may lock yourself out

docs.moodle.org/24/en/Apache

site adminsitration>security>HTTP security check "Use https for login"
Please read warning before check
{If login screen disappear after performing this task then simply add ($CFG->loginhttps="false" in config.php}

docs.moodle.org/24/en/HTTP_security

Joomla

Just goto configuration.php of your site and find this line,
var $live_site =’’;
Replace it with;
var $live_site =
Then goto your .htaccess file and add these lines to the end of the file,
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Now try your domain in the internet browser and you will have your site secured with SSL .
If in case, it doesn’t get redirected to https , then go to your Main Menu > Paramters (System) > SSL Enabled.
Switch it ON..

xxxxxxxxxxxxxxxxx

Virtuemart

Goto configuration.php of your site and edit the var $live_site =
Make sure,you enter https there.

Then goto your .htaccess file and add these lines to the end of the file,
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Goto Main Menu > Paramters (System) > SSL Enabled.
Goto administrator/components/com_virtuemart/ virtuemart.cfg.php and find
define( 'URL', xxxxxxxxxxxxx' );
define( 'SECUREURL', 'xxxxxxxxxxxxxxx );
Make sure,the structure is same as above. First is http and second is with https.

At the same file, find this,
if ( (!empty($_SERVER) && $_SERVER != 'on') || $_SERVER == '80' ) {

In this line,where you find ON, must be OFF for you. So change that to ON and in the PORT field, it will be 443 for you. Just change is to 80.

xxxxxxxxxxxxxxxxxxxxx

Joomdle

all I can think is that there is no specific change to joomdle needed.

It is 4am and I am heading to be now, so just a quick reply.

Your post was not delete but hidden as it was highlighted as a potential threat due to all the links to a site with "hackers" in it. In addition, it had numerous instructions telling people to change their configuration files to link to / set up their configurations with those domains which would clearly compromise / have a negative impact on their site following. Given this, to protect the users of this forum, the post was hidden until verified / we received a response.

Note: I have deleted your other post now.

With regards to SSL, there are only a few posts that specify and/or ask questions about SSL. The only 'real' post talks about the placement / directory of the certificate. This suggests that either people are not having problems, they are not using SSL or gave up without bothering to seek assistance.

Logically, if your Joomla and Moodle are OK then Joomdle should be as Joomdle does not know about this type of stuff since it is an extension / plugin to those platforms. Virtuemart in comparison uses SSL because of the e-commerce.

I was making it much harder than it needs to be, but I'm still getting security errors in ie... I think I narrowed it down to virtuemart's "use ssl for sentivite areas" and moodle's "require secure login".

Hello.

I had similar problems - except I'm not using Virtuemart, by now.

I have tried Mary Beth's suggestions about configuration.php and .htaccess: I made backup copies of both, then I edited them.

Since it didn't work, I restored the original files, but now I'm locked out of my Joomla! admin panel - while the frontend site is still running as it was.

Can anyone please help me, before I go for a restoration of the whole site by Akeeba Backup?

Thanks.

Luciano