Jump to content

aspire321

Members
  • Content count

    10
  • Joined

  • Last visited

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I renewed my SSL certificate two weeks ago. Sometimes I get a broken-padlock warning/error message (loads old certificate for some reason). I even added this in the htaccess file (to redirect to https site) RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} ^(www\.)?MYDOMAIN\.com$ [NC] RewriteRule ^(.*)$ https://www.MYDOMAIN.com/$1 [L,R=301] I tried different settings in the configure files, but that didn't solve it. Currently I'm using this - <?php define('HTTP_SERVER', 'https://www.MYDOMAIN.com'); define('HTTPS_SERVER', 'https://www.MYDOMAIN.com'); define('ENABLE_SSL', true); define('HTTP_COOKIE_DOMAIN', ''); define('HTTPS_COOKIE_DOMAIN', ''); define('HTTP_COOKIE_PATH', ''); define('HTTPS_COOKIE_PATH', ''); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/'); define('DIR_FS_CATALOG', '/home/content/15/3770715/html/'); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); And admin uses this - <?php define('HTTP_SERVER', 'https://www.MYDOMAIN.com'); define('HTTPS_SERVER', 'https://www.MYDOMAIN.com'); define('ENABLE_SSL', true); define('HTTP_COOKIE_DOMAIN', ''); define('HTTPS_COOKIE_DOMAIN', ''); define('HTTP_COOKIE_PATH', '/Trees'); define('HTTPS_COOKIE_PATH', '/Trees'); define('HTTP_CATALOG_SERVER', 'https://www.MYDOMAIN.com'); define('HTTPS_CATALOG_SERVER', 'https://www.MYDOMAIN.com'); define('ENABLE_SSL_CATALOG', 'true'); define('DIR_FS_DOCUMENT_ROOT', '/home/content/15/3770715/html/'); define('DIR_WS_ADMIN', '/Trees/'); define('DIR_WS_HTTPS_ADMIN', '/Trees/'); define('DIR_FS_ADMIN', '/home/content/15/3770715/html/Trees/'); define('DIR_WS_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/'); define('DIR_FS_CATALOG', '/home/content/15/3770715/html/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . '/images/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); Do you have any suggestions please, like I've said I already tried many things. PS : I tried adding Strict-Transport-Security to the htaccess but that causes the site to fail to load.
  2. aspire321

    Security Directory Permissions

    I checked and most files are set to 604. Most directories set to 705. Configure files are 404.
  3. aspire321

    Security Directory Permissions

    Thanks Jack for the reply, I'll check and rectify shortly.
  4. I have a question for Security Directory Permissions on Oscommerce v2.3.4.1 It says some directories are writable, but some are not recommended to be writable. Is it necessary to make all of those directories then to non-writable? Thanks.
  5. Hello. My OSC v2.3.4.1 has had the .htaccess file modified, to redirect search engine traffic to a pharma site. It's easy to fix the htaccess file when that happens, but I'm looking for a solution. I read here that file injection is more likely to be caused by something that writes files. E.g. admin/backups.php, categories.php, define_languages.php Because there was a directory created in the root folder which had an obfuscated coded image file. In looking further it appears this could possibly be a jQuery v1.11.1 exploit. Is it possible to update jQuery to a newer version to solve this? Thanks a lot for your input.
  6. aspire321

    Products Weight editor?

    Thanks I'll check it.
  7. I've added additional weight options via products_attributes.php, but this just shows the options on the product page without actually editing the products weight. For example, I have a product weight of 30grams. I then add an attribute allowing the customer to select 100grams (with the necessary price increase), but this does not add 0.07 to that product weight - it still just keeps the original weight of 0.03 in the shopping cart. This doesn't work because my shipping is based on weight! Is there a solution for this?
  8. aspire321

    Quick Updater PRO - anything similar?

    Yes I read the description before posting, but I don't want mass update via csv file - a module in admin would be better, to enable one to choose which attribute one wanted to edit at a time.
  9. aspire321

    Quick Updater PRO - anything similar?

    Specifically I need to edit product attributes with regards to weight and then add the price for the different weight options. There's probably something similar, any ideas?
  10. Hello. There used to be a wonderful and time-saving paid contribution - Quick Updater PRO by concept laboratory. https://web.archive.org/web/20080913092959/http://conceptlaboratory.com:80/quick-updater-pro-cre-osc-zen-module.php I had this but now after upgrading my Oscommerce to newer version it's not available ;( It saved a lot of time by being able to update multiple products info description, etc etc at once, instead of one by one. I see there website is down, is there anything similar to this? Thanks!
×