Securing OpenX

OpenX is usually installed on a standard web server. It can be accessed using the regular, insecure HTTP protocol. To increase the security of the administrator interface you can use SSL for encryption. Your web server must be capable of serving SSL-encrypted pages and you must have a valid security certificate. You can either:

• Secure installation on shared server
• Secure installation on a separate server

To use one server for banner delivery and a secure administrator interface, in the conf.php file:

• Enable the ui_forcessl setting. When this option is enabled, OpenX will automatically redirect the browser to secure pages.
• Assign the url_prefix setting to the secure URL where Openx is running, for example https://www.example.com/openx.

To use a separate secure server for the administrator interface, perform the same changes to the conf.php file on the secure server. On the non-secure server where you are running OpenX delivery, disable the ui_enabled setting in the conf.php file to disable the adminstrator interface on that server.