Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

EV Certificate and OSC 2.3.4


gritsop

Recommended Posts

Hi

 

I have a OSC 2.3.4 site and I recently installed an EV certificate. I have altered the .htaccess file in order to redirect all requests from the http to the https site so that browsing is done exclusively on the secure environment.

 

However after running exclusively at SSL the "add to cart" buttons doesn't fll and I always get that the basket is empty.

 

I have modified again the .htaccess file so that only the files which contain customer data run under SSL  mode with green padlock.

 

Is there a way to make the complete OSC site run exclusively under SSL without having the cart unable to fill up?

 

Thanks in advance.

Link to comment
Share on other sites

In the two configure.php files, did you properly configure the SSL side of things, change all http: references to use https:, and enable SSL? Lots of sites run osC 100% under SSL, so I suspect you overlooked something in the configuration.

Link to comment
Share on other sites

Hi

 

Thank you for the quick reply,

 

I have attached how the /includes/configure.php looks like

 

define('HTTP_SERVER', 'http://alfa-restoration.co.uk');
  define('HTTPS_SERVER', 'https://alfa-restoration.co.uk');
  define('ENABLE_SSL', true);
  define('HTTP_COOKIE_DOMAIN', 'www.alfa-restoration.co.uk');
  define('HTTPS_COOKIE_DOMAIN', 'alfa-restoration.co.uk');
  define('HTTP_COOKIE_PATH', '/shop/');
  define('HTTPS_COOKIE_PATH', '/shop/');
  define('DIR_WS_HTTP_CATALOG', '/shop/');
  define('DIR_WS_HTTPS_CATALOG', '/shop/');
  define('DIR_WS_IMAGES', 'images/');
  define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
  define('DIR_WS_INCLUDES', 'includes/');
  define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
  define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
  define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
  define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

  define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
  define('DIR_FS_CATALOG', '/home/alfares/public_html/shop/');
  define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
  define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

  define('DB_SERVER', 'localhost');
  define('DB_SERVER_USERNAME', 'XXXXXX');
  define('DB_SERVER_PASSWORD', 'XXXXXXXX');
  define('DB_DATABASE', 'XXXXXXXXXXXXXX');
  define('USE_PCONNECT', 'false');
  define('STORE_SESSIONS', 'mysql');
  define('CFG_TIME_ZONE', 'Europe/Athens');

 

 

 

and the admin/includes/configure.php

 

define('HTTP_SERVER', 'http://alfa-restoration.co.uk');
  define('HTTPS_SERVER', 'https://alfa-restoration.co.uk');
  define('ENABLE_SSL', true);
  define('HTTP_COOKIE_DOMAIN', 'www.alfa-restoration.co.uk');
  define('HTTPS_COOKIE_DOMAIN', 'alfa-restoration.co.uk');
  define('HTTP_COOKIE_PATH', '/shop/admin');
  define('HTTPS_COOKIE_PATH', '/shop/admin');
  define('HTTP_CATALOG_SERVER', 'http://alfa-restoration.co.uk');
  define('HTTPS_CATALOG_SERVER', 'https://alfa-restoration.co.uk');
  define('ENABLE_SSL_CATALOG', 'true');
  define('DIR_FS_DOCUMENT_ROOT', '/home/alfares/public_html/shop/');
  define('DIR_WS_ADMIN', '/shop/admin/');  
  define('DIR_WS_HTTPS_ADMIN', '/shop/admin/');
  define('DIR_FS_ADMIN', '/home/alfares/public_html/shop/admin/');
  define('DIR_WS_CATALOG', '/shop/');
  define('DIR_WS_HTTPS_CATALOG', '/shop/');
  define('DIR_FS_CATALOG', '/home/alfares/public_html/shop/');
  define('DIR_WS_IMAGES', 'images/');
  define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
  define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');
  define('DIR_WS_INCLUDES', 'includes/');
  define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
  define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
  define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
  define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
  define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
  define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');
  define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');
  define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');
  define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');
  define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');
  define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
  define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

  define('DB_SERVER', 'localhost');
  define('DB_SERVER_USERNAME', 'XXXXXXXXx');
  define('DB_SERVER_PASSWORD', 'XXXXXXXXXXx');
  define('DB_DATABASE', 'XXXXXXXXXXX');
  define('USE_PCONNECT', 'false');
  define('STORE_SESSIONS', 'mysql');
  define('CFG_TIME_ZONE', 'Europe/Athens');

 

 

the .htaccess is the following (only the ph files included run under SSL)

 

# Force SSL on specific pages
<IfModule mod_rewrite.c>
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} ^/(login\.php|create_account\.php|checkout_shipping\.php|checkout_payment\.php|checkout_confirmation\.php)
RewriteRule ^(.*)$ https://%{SERVER_NAME}/$1 [L]
</IfModule>

 

The .htaccess file which runs the complete OSC site in SSL but fails to load the cart, is the following

 

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

 

Thank you in advance!

 

Link to comment
Share on other sites

If you want to run the shop 100% SSL, I think the usual practice is to change all the HTTP_ entries to match the HTTPS_ entries. Keep your rewrite in .htaccess so that anyone who types in http: gets sent to https:, but that's all it should be used for. Your internal links, etc. should all be generated as https:, rather than rewriting them on the fly. I seem to recall this being discussed a number of times, so you might want to search this forum. Be on the lookout for banner ads, etc. which have hard-coded http: in them, which could cause browsers to spit it back out.

Link to comment
Share on other sites

In both configure.php files. For example,

define('HTTP_SERVER', 'http://alfa-restoration.co.uk');
define('HTTPS_SERVER', 'https://alfa-restoration.co.uk');

becomes

define('HTTP_SERVER', 'https://alfa-restoration.co.uk');
define('HTTPS_SERVER', 'https://alfa-restoration.co.uk');
Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...