opencart .htaccess 强制 https 和 htpasswd

Question

目标

1. 我的目标是将所有 http 流量重定向到带有 www 的 https。前缀
2. 我想在我的管理目录中添加 htpasswd。(https)

当前问题

当我访问 https://www.myshop.com/my/admin 它提示进行基本身份验证。当我输入正确时，它会重定向到http://www.myshop.com/my/admin并再次提示Basic Authenticate，我需要再次输入然后我只重定向回https://www.myshop.com/my/admin然后显示登录页面。

下面是我的代码，我做错了哪一部分，或者最好的解决方案是什么？

我的 opencart 放在一个国家名称的文件夹中。例如 /my 为马来西亚 在我的根文件中，我有 opencart .htaccess

我的虚拟主机设置在 /var/www/html/opencart2/

我所有的开发文件都在这里。 /var/www/html/opencart2/my/

我的 .htaccess /var/www/html/opencart2/my/.htaccess

# 1.To use URL Alias you need to be running apache with mod_rewrite enabled. 

# 2. In your opencart directory rename htaccess.txt to .htaccess.

# For any support issues please visit: http://www.opencart.com

Options +FollowSymlinks

# Prevent Directoy listing 
Options -Indexes

# Prevent Direct Access to files
<FilesMatch "\.(tpl|ini|log)">
 Order deny,allow
 Deny from all
</FilesMatch>

# SEO URL Settings
RewriteEngine On
# If your opencart installation does not run on the main web folder make sure you folder it does run in ie. / becomes /shop/ 

RewriteBase /my/
#force run https
RewriteCond %{HTTP_HOST} ^myshop.com$
RewriteRule ^(admin)($|/) - [L]
RewriteRule (.*) https://www.myshop.com/my/$1 [R=301,L]

#AWS EB REDIRECT to https
#RewriteCond %{HTTP:X-Forwarded-Proto} !https
#RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

RewriteRule ^sitemap.xml$ index.php?route=feed/google_sitemap [L]
RewriteRule ^googlebase.xml$ index.php?route=feed/google_base [L]
#NEW REWRITE RULES
RewriteRule    ^contact/?$    index.php?route=information/contact  [L]  #Contact Page
#END NEW REWRITE RULES
RewriteRule ^download/(.*) /index.php?route=error/not_found [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)
RewriteRule ^([^?]*) index.php?_route_=$1 [L,QSA]

### Additional Settings that may need to be enabled for some servers 
### Uncomment the commands by removing the # sign in front of it.
### If you get an "Internal Server Error 500" after enabling any of the following settings, restore the # as this means your host doesn't allow that.

# 1. If your cart only allows you to add one item at a time, it is possible register_globals is on. This may work to disable it:
# php_flag register_globals off

# 2. If your cart has magic quotes enabled, This may work to disable it:
# php_flag magic_quotes_gpc Off

# 3. Set max upload file size. Most hosts will limit this and not allow it to be overridden but you can try
# php_value upload_max_filesize 999M

# 4. set max post size. uncomment this line if you have a lot of product options or are getting errors where forms are not saving all fields
# php_value post_max_size 999M

# 5. set max time script can take. uncomment this line if you have a lot of product options or are getting errors where forms are not saving all fields
# php_value max_execution_time 200

# 6. set max time for input to be recieved. Uncomment this line if you have a lot of product options or are getting errors where forms are not saving all fields
# php_value max_input_time 200

# 7. disable open_basedir limitations
# php_admin_value open_basedir none

在我的管理文件夹下 .htaccess /var/www/html/opencart2/my/admin/.htaccess

AuthType Basic
AuthName "Admin Area"
AuthUserFile /usr/share/apache/secret/.htpasswd
Require valid-user

我为这个案例创建了一个类似的环境 https://opencart.webhop.me/my/admin/

用户名：管理员 密码：管理员

当您登录时，您会看到它会提示两次。

Answer 1

如果管理员登录表单提交到 http://，您可能需要更新 admin/config.php 常量 HTTPS_SERVER 并确保它在 url 中有 https://。还要确保在您的管理设置中将“使用 SSL” 设置为 “是”。