Store URLs & SSL

Go to System → Settings → Store Details

Store URL

Include the full secure URL to your store. Make sure to add '/' at the end. Example: https://www.yourdomain.com/path/ or https://www.yourdomain.com/

Insecure URL starting from HTTP is for testing only.  HTTPS provides a secure browsing experience by encrypting data and cookie-sending behavior.

Store Url created automatically after AbanteCart installation, modify it only if you move your store to another folder or change domain name.


Difference between WWW vs non-WWW

When you add www. in front of a site, it acts as a hostname which can help with flexibility with DNS, the ability to restrict cookies when using multiple subdomains, and more.

Important note: for multi-store setup www or another prefix (subdomain) is required for the Default store


Secure Store URL

This will be the URL used during the viewing of secure store pages (login, my account, checkout, etc) via HTTPS protocol. Include the full SSL URL(HTTPS) in your store. Make sure to add '/' at the end. Example: https://www.yourdomain.com/path/

You can set a separate domain for secure connections (shared SSL domain). To use SSL check with your host if an SSL certificate is installed. 

Common issue

A common error is when a subdomain is accessed is different from a certificate domain. For example, you may have entered the site with https://domain.com, but the certificate is issued for https://www.domain.com.



How to enable SSL in your AbanteCart?

Step 1: Install SSL certificate on your server

SSL certificate is required to be installed on your server.

Please contact your hosting support to help you install the SSL certificate correctly on your server.

Configuration combinations related to store URLs

SSL is disabled (Test only)


SSL Enabled for secure store pages only (login, my account, checkout, etc) Test only


SSL Enabled for all store pages (required for Live stores)


Full Site SSL

You should enable SSL for all pages in your live store. It is recommended to set up a redirect with .htaccess rules to force all web traffic to use the HTTPS version of your site.

Forcing visitors to use SSL can be accomplished through your .htaccess file using mod_rewrite. Ask your hosting support to help you.

Redirect will help to avoid SameSite cookie warning issues and other warnings in case your customers accidentally visit your store with a non-secure HTTP protocol

SSL and Payment processors

Before setting your web store to Live, make sure your payment methods work with the SSL certificate type you have installed on the server.