Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

The SSL In OsCommerce Guide For The Innocent


Simplyeasier

Recommended Posts

Fanyastic information and advice here - Thanks guys. I do have a couple of slight problems which I would be very grateful for a steer on.

 

I use 1and1 and am now aware that using the shared SSL is not too easy. However thanks to the tips in the forum I have made progress. When moving from cart to checkout SSL seems to kick in and I am diverted to https://sslrelay.com/mydomain.co.uk/etcetc.

 

However the locked padlock flashes up for less than a second and then disappears. What is going on here and is it a problem? If so how can I fix it? It would be so nice to see the secure padlock on the checkout page to give my customers some added security and confidence.

 

Secondly SSL in Admin???? I can access this using the https://sslrelay.com/mydomain/ catalog/admin and the secure padlock appears (although the bottom left hand side shows "You are not protected by a secure SSL connection." However I can also access this admin area through http://www.mydomain.co.uk/catalog/admin/ Surely I should not be able to do this as it could be a security gap? Am I going mad?? Sorry if these are stupid questions but many thanks for the fantastic help and pointers so far!

 

 

Ok, strangely I have got the SSL admin working fine but still cannot get the catalog working fully in SSL. When checking out the site diverts to the ssl page (shared ssl) and is fine. When loging in I am again diverted to ssl pages. However on all of these occassions the treasured "Golden Padlock" flickers on for a second or two and then disappears.

 

My guess would be that it is a link from "outside" but I have managed to disable banners when in the SSL side of the site such as checkout. I have no external counter so must have missed something obvious.

 

Please would someone have a look and make some suggestions please. The site is here http://www.pianocoversonline.co.uk/catalog

 

Many thanks.

You will never learn if you don't try. And boy am I trying....!

Link to comment
Share on other sites

  • Replies 401
  • Created
  • Last Reply
Please would someone have a look and make some suggestions please. The site is here http://www.pianocoversonline.co.uk/catalog

 

Many thanks.

Just look at the source view. You're pulling in all kinds of stuff from http: sources.

 

<script language="javascript"><!-- function session_win() {
window.open("http://www.pianocoversonline.co.uk/catalog/
info_shopping_cart.php?osCsid=
51bd45214a195b97c7142e72e247e026","info_shopping_cart","
height=460,width=430,toolbar=no,statusbar=no,scrollbars=yes"
).focus(); } //--></script>

var phpmyvisitesURL =
"http://www.pianocoversonline.co.uk/stats/phpmyvisites.php";
<script language=javascript
src="http://www.pianocoversonline.co.uk/stats/phpmyvisites.
js"></script> <img
src="http://www.pianocoversonline.co.uk/stats/phpmyvisites.
php" alt="phpMyVisites" style="border:0" />
src="http://rcm-uk.amazon.co.uk/e/cm?t=arcadianscric-21&o=2&
p=6&l=bn1&mode=video-games-uk&browse=403718&=1&fc1=&lt1=&lc1
=&bg1=&f=ifr"

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

Just look at the source view. You're pulling in all kinds of stuff from http: sources.

 

<script language="javascript"><!-- function session_win() {
window.open("http://www.pianocoversonline.co.uk/catalog/
info_shopping_cart.php?osCsid=
51bd45214a195b97c7142e72e247e026","info_shopping_cart","
height=460,width=430,toolbar=no,statusbar=no,scrollbars=yes"
).focus(); } //--></script>

var phpmyvisitesURL =
"http://www.pianocoversonline.co.uk/stats/phpmyvisites.php";
<script language=javascript
src="http://www.pianocoversonline.co.uk/stats/phpmyvisites.
js"></script> <img
src="http://www.pianocoversonline.co.uk/stats/phpmyvisites.
php" alt="phpMyVisites" style="border:0" />
src="http://rcm-uk.amazon.co.uk/e/cm?t=arcadianscric-21&o=2&
p=6&l=bn1&mode=video-games-uk&browse=403718&=1&fc1=&lt1=&lc1
=&bg1=&f=ifr"

 

Thanks for this. I just need to find the reight file with this in. Could you tell e which page pleae?

You will never learn if you don't try. And boy am I trying....!

Link to comment
Share on other sites

Ok, from looking through this entire topic, I will tell you EXACTLY what I did to get both admin and secure areas of my site to work. (Thanks to everyone who posted here)

 

First I made the file called mytest.php with the following lines:

 

<?php
echo 'HTTP HOST: ' . "$HTTP_HOST";
echo '<br>Server Port: ' . getenv('SERVER_PORT');
echo '<br>SSL Status: ' . getenv('HTTPS');
echo '<br>Fowarded Server: ' . getenv('HTTP_X_FORWARDED_SERVER');
echo '<br>Fowarded Host: ' . getenv('HTTP_X_FORWARDED_HOST');
echo '<br>Fowarded By: ' . getenv('HTTP_X_FORWARDED_BY');
?>

 

Then I uploaded it to my site (root)

 

Then I opened up internet explorer and typed:

 

https://www.mysite.com/mytest.php

 

I saw that it said port 443

 

I then opened /includes/application_top.php

 

And went to line 40 (approx - mine has has addons)

 

And changed:

 

// set the type of request (secure or not)
 $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

 

To:

 

// set the type of request (secure or not)
 $request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

 

Then I went to /admin/index.php

 

And went to line 226 (approx - mine has has addons)

 

And changed:

 

  $contents = array();

 if (getenv('HTTPS') == 'on') {
$size = ((getenv('SSL_CIPHER_ALGKEYSIZE')) ? getenv('SSL_CIPHER_ALGKEYSIZE') . '-bit' : '<i>' . BOX_CONNECTION_UNKNOWN . '</i>');
$contents[] = array('params' => 'class="infoBox"',
					'text' => tep_image(DIR_WS_ICONS . 'locked.gif', ICON_LOCKED, '', '', 'align="right"') . sprintf(BOX_CONNECTION_PROTECTED, $size));
 } else {
$contents[] = array('params' => 'class="infoBox"',
					'text' => tep_image(DIR_WS_ICONS . 'unlocked.gif', ICON_UNLOCKED, '', '', 'align="right"') . BOX_CONNECTION_UNPROTECTED);
 }

 

To:

 

  $contents = array();

 if (getenv('SERVER_PORT') == '443') {

$contents[] = array('params' => 'class="infoBox"',
					'text' => tep_image(DIR_WS_ICONS . 'locked.gif', ICON_LOCKED, '', '', 'align="right"') . sprintf(BOX_CONNECTION_PROTECTED, $size));
 } else {
$contents[] = array('params' => 'class="infoBox"',
					'text' => tep_image(DIR_WS_ICONS . 'unlocked.gif', ICON_UNLOCKED, '', '', 'align="right"') . BOX_CONNECTION_UNPROTECTED);
 }

 

Then I went to /admin/includes/configure.php

 

And I made it look like this: (There should be https Twice)

 

  define('HTTP_SERVER', 'https://www.mysite.com'); // eg, http://localhost - should not be empty for productive servers
 define('HTTP_CATALOG_SERVER', 'http://www.mysite.com');
 define('HTTPS_CATALOG_SERVER', 'https://www.mysite.com');
 define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

 

Then I went to /inludes/configure.php

 

And I made it look like this: (there should be https Once)

 

define('HTTP_SERVER', 'http://www.mysite.com'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://www.mysite.com'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'www.mysite.com');
 define('HTTPS_COOKIE_DOMAIN', 'www.mysite.com');

 

Both the secure checkout work and the admin pages. I have a godaddy dedicated Cert. However, I have already helped my buddy get his to work and he uses some other company for SSL. So if you do this EXACTLY how I have done, you will get it to work. Any questions, please post here, and I will help as best as I can as this forum has done for me.

Link to comment
Share on other sites

I have a few questions. First, if I am only using PayPal (IPN) and the check/money order option, do I need SSL, or will that not be necessary until I "upgrade" to a "real" payment gateway?

 

Second, which pages should be showing up as secure?

 

Third, how do I secure the admin tool?

 

Fourth, how do I know where to copy my catalog files to? I have an SSL folder in my site's root directory, but I don't see anything like http_docs or https_docs. My files are currently all in public_html (top directory); there is no private_html. Once I figure this out, do I have to copy *everything* to that directory?

 

I am currently working with a shared cert from my webhost. The security alert popup says that the cert name does not match my site name. Am I correct in assuming that is just part of its being a shared cert, or is there something I've input incorrectly that has created this particular warning? (I know that the root name will show up as untrusted.)

Link to comment
Share on other sites

it's been 47 hours.

i've been *really* busy.

 

colocated server had one ip i could use for a cert (and it had my cert on it already).

built an os commerce site for a friend of a friend. she got exited about the results and told the world.

all of a sudden i have to get 22 osc customers on one ip with one cert.

 

i got it working, but it's an ugly hack (in my eyes) and i'm hoping someone can tell me a cleaner way

to do this.

 

test site to make this work is http://www.kindertunes.net/catalog

ssl certificate is at https://secure.l7.net

 

the catalog lives in /home/shelley/www.kindertunes.net/catalog/

ssl root is /home/dd/secure.l7.net/

 

includes/configure.php:

 

define('HTTP_SERVER', 'http://www.kindertunes.net');

define('HTTPS_SERVER', 'https://secure.L7.net/secure.kindertunes.net/catalog');

define('ENABLE_SSL', true);

define('HTTP_COOKIE_DOMAIN', 'www.kindertunes.net');

define('HTTPS_COOKIE_DOMAIN', '');

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/');

<snip>

define('DIR_FS_CATALOG', '/home/shelley/www.kindertunes.net/catalog/');

<snip>

define('DB_SERVER', 'localhost');

define('DB_DATABASE', 'kindertunes');

define('USE_PCONNECT', 'false');

define('STORE_SESSIONS', 'mysql');

 

this works perfectly. after i did this:

 

cd /home/dd/secure.l7.net/

ln -s /home/shelley/www.kindertunes.net/ secure.kindertunes.net/

 

however, it broke at the continue button after checkout.

 

it was trying to go to http://www.kindertunes.net/catalog/catalog...hp?blahblahblah

 

i fixed that with this:

 

cd /home/shelley/www.kindertunes.net/catalog

 

ln -s /home/shelley/www.kindertunes.net/catalog catalog

 

anyone have any suggestions?

(other than get some sleep?)

 

kinda looking for a cleaner way, or potential problems, etc...

thanks :)

-dd

Link to comment
Share on other sites

Urgent help required before i pull my hair out!!

 

Hi all, currently hitting a major brick wall when swapping over to SSL.

 

Have installed the cert with no probs at all via PLESK & get a nice lock & no messages.

 

Have run myenv.php & got nice correct results.

 

Im running a 1and1 root server running LINUX.

 

SSL cert is for www.rapidstands.com & store is in root.

 

Have read the lot & all seem A Ok ( i think unless ive seriously overlooked somthing)

 

I have run numerous re-installs from other folders to test but still no Joy.

 

All i get every time i 404 Not Found Error???

 

Heres my configs:

Includes/config.php

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.rapidstands.com');

define('HTTPS_SERVER', 'https://www.rapidstands.com');

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.rapidstands.com');

define('HTTPS_COOKIE_DOMAIN', 'www.rapidstands.com');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/home/httpd/vhosts/rapidstands.com/httpdocs/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

// define our database connection

define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers

define('DB_SERVER_USERNAME', '*****');

define('DB_SERVER_PASSWORD', '******');

define('DB_DATABASE', '******');

define('USE_PCONNECT', 'false'); // use persistent connections?

define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

?>

 

Admin/includes/config.php

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.rapidstands.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTP_CATALOG_SERVER', 'http://www.rapidstands.com');

define('HTTPS_CATALOG_SERVER', 'https://www.rapidstands.com');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

define('DIR_FS_DOCUMENT_ROOT', '/home/httpd/vhosts/rapidstands.com/httpdocs/'); // where the pages are located on the server

define('DIR_WS_ADMIN', '/admin/'); // absolute path required

define('DIR_FS_ADMIN', '/home/httpd/vhosts/rapidstands.com/httpdocs/admin/'); // absolute pate required

define('DIR_WS_CATALOG', '/'); // absolute path required

define('DIR_FS_CATALOG', '/home/httpd/vhosts/rapidstands.com/httpdocs/'); // absolute path required

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');

define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');

define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

 

// define our database connection

define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers

define('DB_SERVER_USERNAME', '*****');

define('DB_SERVER_PASSWORD', '*****');

define('DB_DATABASE', '******');

define('USE_PCONNECT', 'false'); // use persisstent connections?

define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

?>

 

Aplication top:

 

// set the type of request (secure or not)

$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

 

 

Ive tried the lot, all the variations from different posts etc.... but all lead to a 404??

 

Any help will be much appreciated. Have tried on 2 projects now. 1 which i had to abandon due to sheer time taken. All EPDQ is set up etc... all i need is SECURITY? please help me!!! Argghhh!!1

 

site is @

 

Kind Regads

 

James

 

Main Site:

 

http://www.rapidstands.com

 

Test Folder:

 

http://www.rapidstands.com/catalog

Link to comment
Share on other sites

Plesk requires the use of two folders, one for http docs and one for https docs. You need to copy your files/folders in your http docs folder to your https docs folder. Once you've got it working right then you can delete your 'admin' folder from the http docs folder.

 

Vger

Urgent help required before i pull my hair out!!

 

Hi all, currently hitting a major brick wall when swapping over to SSL.

 

Have installed the cert with no probs at all via PLESK & get a nice lock & no messages.

 

Have run myenv.php & got nice correct results.

 

Im running a 1and1 root server running LINUX.

 

SSL cert is for www.rapidstands.com & store is in root.

 

Have read the lot & all seem A Ok ( i think unless ive seriously overlooked somthing)

 

I have run numerous re-installs from other folders to test but still no Joy.

 

All i get every time i 404 Not Found Error???

Link to comment
Share on other sites

Plesk requires the use of two folders, one for http docs and one for https docs. You need to copy your files/folders in your http docs folder to your https docs folder. Once you've got it working right then you can delete your 'admin' folder from the http docs folder.

 

Vger

 

 

Arghhhhhhhhhhhhh!!!!!! & thats it????? My friend you are a star!!

Obviously i think this could be the main prob. for most people on here using 1and1 & plesk.

I havnt seen any documentation stating this??

 

Thanks a lot. Im there!!!!! :thumbsup:

Link to comment
Share on other sites

Plesk requires the use of two folders, one for http docs and one for https docs. You need to copy your files/folders in your http docs folder to your https docs folder. Once you've got it working right then you can delete your 'admin' folder from the http docs folder.

 

Vger

If it's a root server he can configure Plesk to work in non standard ways and eliminate the two folder issue (which sucks). I don't have any experience doing this but I did Google up this thread.

 

http://forum.ev1servers.net/showthread.php?threadid=2706

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

Don't take this as 100% accurate - but:

 

You need to create a vhost_ssl.conf file in

 

/home/httpd/vhosts/domainname.com/conf/

 

DocumentRoot /home/httpd/vhosts/site.com/httpdocs

<Directory /home/httpd/vhosts/site.com/httpdocs>

<IfModule mod_perl.c>

<Files ~ (\.pl)>

SetHandler perl-script

PerlHandler ModPerl::Registry

Options ExecCGI

allow from all

PerlSendHeader On

</Files>

</IfModule>

<IfModule sapi_apache2.c>

php_admin_flag engine on

php_admin_value open_basedir "/home/httpd/vhosts/site.com/httpdocs:/tmp"

</IfModule>

SSLRequireSSL

Options +includes +ExecCGI

</Directory>

<IfModule sapi_apache2.c>

php_admin_flag engine on

php_admin_value open_basedir "/home/httpd/vhosts/site.com/httpdocs:/tmp"

</IfModule>

 

Vger

Link to comment
Share on other sites

I'm slightly confused. I believe my host (gomama) installed the godaddy ssl cert (there is more stuff on my site's root ssl folder now).

 

I have changed/added as per the instructions here for the configure.php files.

 

I do NOT have any error message at all. However, when I logged into my own customer account (for test purposes and such), I did not get any padlock icon in the browser window NOR does the URL change to https.

 

What have I missed?

 

My site is not live yet: www.moonlightdelights.com/catalog/index.php

Don't mind the "dust", I still have loads to do yet.

 

I also uploaded a robot.txt file, I hope it's right.

Link to comment
Share on other sites

Don't take this as 100% accurate - but:

Vger

 

 

The day just gets better & better!! Worked a treat!! When i was using the 2 folders it said that the httpdocs/images folder didnt exist?? Very strange, on another site when i tested in the 2 folders but wasnt sure this was correct it was saying the download folder didnt exist?? Hmmmm...

 

Anyway, no 2 folders needed now with VGER`s conf file. Top Man!!

 

Kind Regards

 

James (one happy bunny!!)

Link to comment
Share on other sites

But in the spirit of Open Source, I got that from somewhere else, and kept a record of it (just in case). Looks like it proved useful.

Even better, we know it is a working solution now.

 

This should also also work on shared servers (if one knows how to access the correct directory).

 

riddler: Did you need to restart Apache?

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

The solution should have worked, as it came from someone who runs a Plesk server themselves - if I could remember who posted it and where then I could attribute it correctly - but I didn't save that info, only the code.

 

Vger

Link to comment
Share on other sites

Even better, we know it is a working solution now.

 

This should also also work on shared servers (if one knows how to access the correct directory).

 

riddler: Did you need to restart Apache?

 

 

Actually, when i start/stopped apache it fell over??

 

So....

 

I did a simlink to the http folder by doing this from root using putty.

 

Login as Root, and run the following comments:

1. cd home/httpd/vhosts/xxx.com/

2. mv httpsdocs _httpsdocs

3. ln -sd httpdocs httpsdocs

 

This renames the httpsdocs folder insted of deleting it & mirrors the httpdocs folder.

 

Working ok now. But hit another prob. when i log in now as a customer i get a blank screen?????

 

Grrrr!! But at least the SSL prob is solved.

 

VGER sorry i presumed u were male!! oops!

Link to comment
Share on other sites

The BIG dilema haunting me today is getting the SSL working. I do not see the padlock at the bottom of my screen.

 

I've read sections of the knowledge base and read this post a couple times -and it's going over my head what to do next. Can I please get some advise?

 

I have a shared SSL. Here is my code:

define('HTTP_SERVER', 'http://sharonunlimited.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://server1.sslpage.com/~sharonu'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', false); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'sharonunlimited.com');

define('HTTPS_COOKIE_DOMAIN', 'server1.sslpage.com/~sharonu');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

 

How can I go about troubleshooting? Can anyone see a problem here?? My admin/includes/configure is set up similarly.

 

Thanks anyone/every one!

Sharon

Link to comment
Share on other sites

You need to turn off the 'Force Cookie Use' setting, because you can't use this feature with a shared ssl cert. It looks as though you've now set 'enable_ssl' to true in both configure.php files - because I am getting the padlock.

 

However, there is a problem with images on your https pages being drawn from an http connection, and this is causing the 'mixed content' error message I get when switching to https pages.

Link to comment
Share on other sites

Hello again. Forgive me.. this just went over my head and my admin area now has a error message so I can't go change the force cookies to off. 1) If I repeat the error here can you help me in this section of the forum?

 

2) I don't know what you mean by the images being drawn from an http and not https. Do the images need SSL because of the shopping cart? If this is the case then the whole website should be referenced https: etc. Then is my code wrong?

 

Thanks so much for your valuable time!

Sharon

Link to comment
Share on other sites

Your path to images in your includes/configure.php file should read only 'images/' and nothing else - no you should not make all of your store https (search engines don't rank https pages). Post the error here and someone will look at it for you, but if it says "$this in uploads.php" then look at the link below my name.

 

Vger

Link to comment
Share on other sites

Hi Vger, Sharon again here. I fixed the error I was having with admin then changed force cookies setting to false. Ok there. I made some other changes and wondered if you can take a look at the padlock on my site one more time. Does my site seem normal? Is the padlock coming and going when it should? For example, does it stay on for you after you go past the create account screen? (sharonunlimited.com)

 

I appreciate your help so very much!

Keeping my finger on this tread...

Sharon

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...