Plesk CBM - Store not protected by SSL

[Ross K]

I have noticed that our Plesk CBM store does not appear to 'force' SSL - which will transmit the customer signup data in the clear. When a user clicks through to the store from the web-site widget, they are taken to the following URL:

http://mydomain.com:8880/store/cart/select-domain.html

Is there a way to force all connections to the store to use SSL?

 

[EugeneL]

Hello, Ross

It looks like you added the widget with URL like http://domain.com/...

Look, if you add widget with the following code, your customers will use HTTPS protocol.
<script type="text/javascript" src="https://domain.com:8443/store/catalog-widget-js/widget-1.html"></script>
But to make this working you need valid SSL certificate to be installed.

Otherwise you can add the widget using the following code:
<script type="text/javascript" src="http://domain.com:8880/store/catalog-widget-js/widget-1.html"></script>
In this case you do not need to worry about SSL certificate but your customer will open online store without protection.

 

[Ross K]

Thanks Eugene, that worked!

It seems though, as best practice, the panel should generate SSL links by default? Just a suggestion for a future update.

Thanks again for your help.