Guest Posted January 31, 2004 Share Posted January 31, 2004 Im having a problem with my SSL. I had it working with images before and all of a sudden they stopped working. I have added some contribs but havent changed anything to do with images. I right click on the broken image and the address it says the image is at is correct and works on its own. I am also currently working on another oscommerce site which the images work fine in ssl :blink: https://host101.ipowerweb.com/~reloadga/ thanks for any and all help, I Link to comment Share on other sites More sharing options...
wvmlt Posted January 31, 2004 Share Posted January 31, 2004 Check in catalog/includes/configure.php and admin/includes/config.php and make sure you have the right paths set. Keith What the hell was I thinkin'? Link to comment Share on other sites More sharing options...
Guest Posted January 31, 2004 Share Posted January 31, 2004 Well, I compared the configuration files between the two sites and they are exactly the same (with respect to domain names and such) - both sites are hosted with the same company and were set up in the same way. I checked permissions on all images and folders in my site and still nothing works :unsure: --I Link to comment Share on other sites More sharing options...
Guest Posted January 31, 2004 Share Posted January 31, 2004 Well I figured it out. Anyone who has hosting with ipowerweb has an option to prevent others from hot linking images from your site (linking directly to images on your site to cut down on their bandwidth) - I had turned it off for my site and the server thought the shared SSL server was trying to steal images :rolleyes: thanks to wvmlt for replying anyway B) --I Link to comment Share on other sites More sharing options...
jatapani Posted February 1, 2004 Share Posted February 1, 2004 Anyone who has hosting with ipowerweb has an option to prevent others from hot linking images from your site Hey that could be my problem... My site is hosted at EasyWeb but they don't offer an admin page, is that how you did it or just asked the support crew? Damn it, if this solves my problem that would be cool. Link to comment Share on other sites More sharing options...
strced Posted February 16, 2004 Share Posted February 16, 2004 :) Thanks reload for posting the root cause and soloution for the problem you were having...I was having the same problem with https and couldn't figure it out until I found your post. I just put the https url on my allowed list and it all works again....Thanks Again Link to comment Share on other sites More sharing options...
jenawade Posted March 8, 2004 Share Posted March 8, 2004 Awesome, that fixed my problem, too! :D Link to comment Share on other sites More sharing options...
sdrattler1 Posted April 16, 2007 Share Posted April 16, 2007 :rolleyes: :rolleyes: Well I figured it out. Anyone who has hosting with ipowerweb has an option to prevent others from hot linking images from your site (linking directly to images on your site to cut down on their bandwidth) - I had turned it off for my site and the server thought the shared SSL server was trying to steal images :rolleyes: thanks to wvmlt for replying anyway B) --I :rolleyes: Thanks for your post! I had the same issue - just added ssl late last night - Added the HTTPS urls to my hotlink protection and the images reapeared! Thank you! -Tim- Link to comment Share on other sites More sharing options...
jamiedia Posted April 19, 2007 Share Posted April 19, 2007 I'm having a similar problem but that doesnt seem to be it. I have used a shared ssl for ages and have just installed a ssl certificate now the images wont upload. I get a 406 not acceptable error! The resource cannot be displayed and its got me stumped does anyone have any ideas? Link to comment Share on other sites More sharing options...
jhande Posted October 22, 2007 Share Posted October 22, 2007 Well I figured it out. Anyone who has hosting with ipowerweb has an option to prevent others from hot linking images from your site (linking directly to images on your site to cut down on their bandwidth) - I had turned it off for my site and the server thought the shared SSL server was trying to steal images :rolleyes: thanks to wvmlt for replying anyway B) --I WOW such a life saver... thank you! I had the same problem with images not showing up and I'm with BlueHost.com. Same feature for hot linking which I never bothered with, until now LOL. Just added my https root address and wa-la. Wish I found this post earlier. Now does anyone know how to stink my hair back in my head? (w00t) - :: Jim :: - - My Toolbox ~ Adobe Web Bundle, XAMPP & WinMerge | Install ~ osC v2.3.3.4 - Link to comment Share on other sites More sharing options...
jhande Posted October 22, 2007 Share Posted October 22, 2007 I'm having a similar problem but that doesnt seem to be it. I have used a shared ssl for ages and have just installed a ssl certificate now the images wont upload. I get a 406 not acceptable error! The resource cannot be displayed and its got me stumped does anyone have any ideas? Did you also make the necessary changes in your configuration.php file to reflect the new secure path? - :: Jim :: - - My Toolbox ~ Adobe Web Bundle, XAMPP & WinMerge | Install ~ osC v2.3.3.4 - Link to comment Share on other sites More sharing options...
Measha06 Posted November 9, 2007 Share Posted November 9, 2007 I have paid for an SSL certificate to be installed by Vodahost, they have completed the work they say but there is no Rapid SSL logo. I asked where it was and was told that is up to me to put on the site. they have sent me a zipped folder with the image in but I really do not know what to do with it, how to get it on the site or where to put it, plus I presume it should have some sort of link connected to it. Can anybody advise what where when and how to sort this, as there seems little use in having paid for this for the security of customers if they do not know I have done this. Hoping for a speedy response from anybody, somebody who has already completed this step. Liz A very appreciative member still attempting to climb the steep learning curve! Link to comment Share on other sites More sharing options...
Guest Posted November 9, 2007 Share Posted November 9, 2007 Check in catalog/includes/configure.php and admin/includes/config.php and make sure you have the right paths set. This might be what I need. I'll check it out. My images are saving to a stray folder when I add a new product. Ta! Link to comment Share on other sites More sharing options...
codieskid Posted November 19, 2007 Share Posted November 19, 2007 Hi there I have got the same problem and my hosting is with Media temple. www.rccarshop.co.uk/catalog So do I need to go into the admin account in my media temple server and add https to my safe list or allow hot linking on the site for the ssl to work and the images to show. Its really weird. Everything was working fine and then suddenly the images wouldn't show and i got the unsure site message when accessing https:// Link to comment Share on other sites More sharing options...
porpoise1954 Posted December 15, 2007 Share Posted December 15, 2007 My problem is along similar lines. Have just installed SSL certificate (through 1and1 hosting) and it's working fine except..... If I change the configure.php according to instructions elsewhere in these forums, I get the secure/insecure pop-up warning box and if selecting "do not include insecure items", I get the relevant pages without the images. The images on the http pages are fine. Currently, the only way I can get the images to show on the https pages is to make the whole site https in configure.php - which is obviously overkill. It seems like the SSL conditional code within the osC files isn't working like it says on the tin. Anyone have any ideas on a simple fix that doesn't involve going through every file that's included within the https pages to change all the <img src tags to https://mysite.com/images/file.jpg * * * * * * * * * * * * * * * * * * * * * Porpoises are most happy when wet! \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ Link to comment Share on other sites More sharing options...
Guest Posted December 15, 2007 Share Posted December 15, 2007 My problem is along similar lines. Have just installed SSL certificate (through 1and1 hosting) and it's working fine except..... If I change the configure.php according to instructions elsewhere in these forums, I get the secure/insecure pop-up warning box and if selecting "do not include insecure items", I get the relevant pages without the images. The images on the http pages are fine. Currently, the only way I can get the images to show on the https pages is to make the whole site https in configure.php - which is obviously overkill. It seems like the SSL conditional code within the osC files isn't working like it says on the tin. Anyone have any ideas on a simple fix that doesn't involve going through every file that's included within the https pages to change all the <img src tags to https://mysite.com/images/file.jpg Maybe post your configure.php file without the database info. Link to comment Share on other sites More sharing options...
♥Vger Posted December 15, 2007 Share Posted December 15, 2007 I guess I better add this tip here, it's the logical place after all. This is for people who are having trouble getting ssl to work, especially shared ssl. The way I've written it is oriented towards a 1&1 server but its use is general and applies to all servers. It's all about setting line 41 in application_top.php for those cases where the standard query does not work. This is line 41: $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL'; Now that's a very narrow test and lots of servers won't respond with on (or at all) to that. So the trick is to find out how the server does respond. Create a little file, I named it myenv.php, with these lines: CODE <?php echo 'HTTP HOST: ' . "$HTTP_HOST"; echo '<br>Server Port: ' . getenv('SERVER_PORT'); echo '<br>SSL Status: ' . getenv('HTTPS'); echo '<br>Fowarded Server: ' . getenv('HTTP_X_FORWARDED_SERVER'); echo '<br>Fowarded Host: ' . getenv('HTTP_X_FORWARDED_HOST'); echo '<br>Fowarded By: ' . getenv('HTTP_X_FORWARDED_BY'); ?> If you put that somewhere on the server, probably root and run it like so: https://ssl.shared.com/mydomain.com/myenv.php you'll be able to see how the server responds to these queries. You'll need to change this to fit your situation but you get the idea. Some dedicated ssls respond with a 1 instead of on to No. 3 for example. Shared servers may respond differently to 4 & 5 but 1&1 gives the same response to both. Once you know how the server answers these queries you can figure out the best solution for line 41 in application_top.php. If, for example, you have a dedicated ssl and query 3 returns a 1 then you simply change line 41 to: $request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL'; Frequently on shared servers you'll get no response at all to getenv('HTTPS'). This is where the other responses are useful (and most people have problems). For example shared 1&1 returns ssl.perfora.net to queries 4 and 5. So setting line 41 line as below does the trick (I'm commenting out the original line for reference). // $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL'; $request_type = (getenv('HTTP_X_FORWARDED_HOST') == 'ssl.perfora.net') ? 'SSL' : 'NONSSL'; Here's another case: The standard ssl port for dedicated ssl is 443 (the standard http port is 80). I've seen dedicated ssl which returns no response for getenv('HTTPS') but does return a 443. In this case you can set line 41, testing for port 443, like so: $request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL'; The best way to use the script is to run it in both http and https environments and look at the differences in the responses. You want to pick a response which is unique to ssl (your https connection), it's no use to pick something which stays the same in both modes, you want to pick something to make a switch. One more thing: ================================================================================ ========================= How do you know if your ssl is switching on and off as it should? Simple, in source view, near the top of every page you'll see in your browser you'll find this line: In http (no ssl engaged, regular pages) <base href="http://www.somedomain.com/catalog/"> (assuming you're using the catalog folder) In https (ssl engaged - my account, checkout, etc.) <base href="https://www.somedomain.com/catalog/"> or for shared ssl something like this: <base href="https://ssl.myhost.com/somedomain/catalog/"> That's it. That's what line 41 is all about, it sets that line. So when you find a broken padlock or the images aren't loading that's the first place you need to look. The goal is to get that switching back and forth as you change from http to https and back. Vger Link to comment Share on other sites More sharing options...
porpoise1954 Posted December 16, 2007 Share Posted December 16, 2007 Maybe post your configure.php file without the database info. Here it is: // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://www.site.co.uk/'); // eg, [url="http://localhost"]http://localhost[/url] - should not be empty for productive servers [color="#ff0000"](this is where I have to make it https: so the images show but of course this makes the whole site https)[/color] define('HTTPS_SERVER', 'https://www.site.co.uk/'); // eg, [url="https://localhost"]https://localhost[/url] - should not be empty for productive servers define('ENABLE_SSL', false); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'www.site.co.uk'); define('HTTPS_COOKIE_DOMAIN', 'www.site.co.uk'); define('HTTP_COOKIE_PATH', ''); define('HTTPS_COOKIE_PATH', ''); define('DIR_WS_HTTP_CATALOG', ''); define('DIR_WS_HTTPS_CATALOG', ''); define('DIR_WS_IMAGES', 'images/'); The CATALOG path is blank because the shop is in the site root * * * * * * * * * * * * * * * * * * * * * Porpoises are most happy when wet! \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ Link to comment Share on other sites More sharing options...
♥Vger Posted December 16, 2007 Share Posted December 16, 2007 define('HTTP_SERVER', 'http://www.site.co.uk'); define('HTTPS_SERVER', 'https://www.site.co.uk'); define('ENABLE_SSL', true); define('HTTP_COOKIE_DOMAIN', 'www.site.co.uk'); define('HTTPS_COOKIE_DOMAIN', 'www.site.co.uk'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/'); Make sure your SSL Cert is made out to www.site.co.uk and not just to site.co.uk. If the ssl cert is made out to site.co.uk then amend the http and https_cookie_domain settings accordingly. If that still doesn't work then there's either a problem with the coding of your site or with the way your hosting handles ssl. Vger Link to comment Share on other sites More sharing options...
porpoise1954 Posted December 16, 2007 Share Posted December 16, 2007 define('HTTP_SERVER', 'http://www.site.co.uk');define('HTTPS_SERVER', 'https://www.site.co.uk'); define('ENABLE_SSL', true); define('HTTP_COOKIE_DOMAIN', 'www.site.co.uk'); define('HTTPS_COOKIE_DOMAIN', 'www.site.co.uk'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/'); Make sure your SSL Cert is made out to www.site.co.uk and not just to site.co.uk. If the ssl cert is made out to site.co.uk then amend the http and https_cookie_domain settings accordingly. If that still doesn't work then there's either a problem with the coding of your site or with the way your hosting handles ssl. Vger Thanks Vger - That forward slash could be the issue, everything else seems to be correct. I'll have to wait 'til tomorrow to try it again, as I have to get our payment service provider to switch it over on their system as well so that the post to their server will be accepted from the https url. * * * * * * * * * * * * * * * * * * * * * Porpoises are most happy when wet! \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ Link to comment Share on other sites More sharing options...
porpoise1954 Posted December 18, 2007 Share Posted December 18, 2007 <br /> <br />Thanks Vger - That forward slash could be the issue, everything else seems to be correct. I'll have to wait 'til tomorrow to try it again, as I have to get our payment service provider to switch it over on their system as well so that the post to their server will be accepted from the https url.<br /><br /><br /><br /> Unfortunately, that isn't it - that just introduces 2 lots of / at the end of the domain e.g. Http://site.co.uk//images.............. as my base url already has the forward slash at the end of the domain name * * * * * * * * * * * * * * * * * * * * * Porpoises are most happy when wet! \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ \ _ Link to comment Share on other sites More sharing options...
mcalautt Posted January 2, 2008 Share Posted January 2, 2008 Im having a problem with my SSL. I had it working with images before and all of a sudden they stopped working. I have added some contribs but havent changed anything to do with images. I right click on the broken image and the address it says the image is at is correct and works on its own. I am also currently working on another oscommerce site which the images work fine in ssl :blink: https://host101.ipowerweb.com/~reloadga/ thanks for any and all help, I My site loads fine with https in firefox. but in IE, none of the images display. I dont have hotlink enabled.. any suggestions ? https://www.petescycleandsled.com/catalog/ Link to comment Share on other sites More sharing options...
mcalautt Posted January 2, 2008 Share Posted January 2, 2008 it doesnt seem to matter if i enable or disable hotlink protection. still wont load in IE> :-( Link to comment Share on other sites More sharing options...
mcalautt Posted January 2, 2008 Share Posted January 2, 2008 MY BAD> i fixed it. I really only wanted SSL for the login for customers and checkout anyway.. you can enable it in configure.php and add the SSL url . cat configure.php <?php /* osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright © 2003 osCommerce Released under the GNU General Public License */ // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://www.example.com'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://www.example.com/catalog/'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? <------------------------------------------------- define('HTTP_COOKIE_DOMAIN', 'www.example.com'); define('HTTPS_COOKIE_DOMAIN', ''); define('HTTP_COOKIE_PATH', '/catalog/'); define('HTTPS_COOKIE_PATH', ''); define('DIR_WS_HTTP_CATALOG', '/catalog/'); define('DIR_WS_HTTPS_CATALOG', ''); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/'); define('DIR_FS_CATALOG', '/home/examp/public_html/catalog/'); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); // define our database connection define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers define('DB_SERVER_USERNAME', 'exa_ple'); define('DB_SERVER_PASSWORD', 'example'); define('DB_DATABASE', 'exa_ple'); define('USE_PCONNECT', 'false'); // use persistent connections? define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql' ?> Link to comment Share on other sites More sharing options...
hwang168 Posted February 1, 2008 Share Posted February 1, 2008 Vger $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL'; Frequently on shared servers you'll get no response at all to getenv('HTTPS'). I changed application_top.php line 41 code as below, solved security warning problem: $request_type = (getenv('HTTPS') == '') ? 'SSL' : 'NONSSL'; Thank all members here! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.