Force HTTPS on Magento Shopping Cart Pages & Admin Backend

Magento Go: Open Your Online Store for Free!

After you have installed SSL certificate for your eCommerce site and the HTTPS version of your domain is successfully accessible, Magento doesn’t automatically use HTTPS for some of the important pages across the site, such as /checkout/cart/, /customer/account/, etc.

Enable HTTPS for your Magento store

You have to explicitly enable HTTPS for your Magento store if you didn’t select HTTPS during installation.

In the Admin panel: System -> Configuration -> General -> Web -> Secure

  1. Base URL –
  2. Use Secure URLs in Frontend – Yes
  3. Use Secure URLs in Admin – Yes

Now Magento should be using HTTPS:// for all the important frontend pages (/customer/account/, /checkout/onepage/, etc.) and across the entire backend Admin pane.

Wait, /checkout/cart/ is still not HTTPS!

Yep. You have to do one more thing to make sure /checkout/cart/ is also automatically HTTPS.

EditĀ app/code/core/Mage/Checkout/etc/config.xml, find this:


And add this line immediately below:


So that it looks like this:


Refresh all the cache and Magento should be using HTTPS on /checkout/cart/ now.

Premium Magento Theme: Avalanche Grab the latest premium Magento theme: Avalanche to kick-start your store! Get to know it and you will definitely look no further. Use coupon code:

Click To Open/Copy
To get 15% exclusive discount for readers.

Magento Go Shopping Cart
Use these 3 promo codes to get lifetime discount off Magento Go!

One thought on “Force HTTPS on Magento Shopping Cart Pages & Admin Backend