"Catalog images directory does not exist:"

[digital_soul18]

Hello,

Does anyone know why my admin site keeps saying "Catalog images directory does not exist: /home/httpd/vhosts/digital-soul.com.au/httpdocs/images/" ??

 

The directory does exist and it does have CHMOD 777 on all files and subfolders. I somehow suspect its got to do with the .htaccess files. On my webserver on my local computer I can run the admin files with no problem (using IIS 6.0 and php 4.3.4 and the latest mysql) but when I upload it to my real webserver thats hosted then it stuffs up and gives me that error message!! My host uses linux with a updated version php (4.3.7 i think)

 

My admin/includes/configuration.php file is correct as far as I am aware.. Please someone help me look over it:

 

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
 define('HTTP_SERVER', 'http://www.digital-soul.com.au/'); // eg, http://localhost - should not be empty for productive servers
 define('HTTP_CATALOG_SERVER', 'http://www.digital-soul.com.au/');
 define('HTTPS_CATALOG_SERVER', 'https://www.digital-soul.com.au/');
 define('ENABLE_SSL_CATALOG', 'false'); // secure webserver for catalog module
 define('DIR_FS_DOCUMENT_ROOT', '/home/httpd/vhosts/digital-soul.com.au/httpsdocs/'); // where the pages are located on the server
 define('DIR_WS_ADMIN', '/admin/'); // absolute path required
 define('DIR_FS_ADMIN', '/home/httpd/vhosts/digital-soul.com.au/httpsdocs/admin/'); // absolute pate required
 define('DIR_WS_CATALOG', '/'); // absolute path required
 define('DIR_FS_CATALOG', '/home/httpd/vhosts/digital-soul.com.au/httpdocs/'); // absolute path required
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
 define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_IMAGES', '/home/httpd/vhosts/digital-soul.com.au/httpdocs/images/');
 define('DIR_FS_CATALOG_MODULES', '/home/httpd/vhosts/digital-soul.com.au/httpdocs/images/includes/modules/');
 define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');
// define our database connection
 define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers
 define('DB_SERVER_USERNAME', '');
 define('DB_SERVER_PASSWORD', '');
 define('DB_DATABASE', 'digitalsoul');
 define('USE_PCONNECT', 'true'); // use persisstent connections?
 define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

[digital_soul18]

Sorry but the line

define('HTTP_CATALOG_SERVER', 'http://www.digital-soul.com.au/');

on my script is actully

define('HTTP_CATALOG_SERVER', 'https://www.digital-soul.com.au/');

 

it seems to be that the cheapest way to implement the SSL certificate is by this method of thorwing in https in front but we lose the ability to upload images...

 

anyone have ideas around this problem or a proper way to SSL secure the site?!?!

 

Thanks!! :)

[Chris Dunning]

I think the problem is related to the httpdocs folder vs. the httpsdocs folder.

 

The best way around this is to symlink the folders together. If you have SSH access to the server, you can do it with this command:

mv httpsdocs httpsdocsx

This renames uour httpsdocs directory to httpsdocsx to get it out of the way without losing data

ln -s httpdocs httpsdocs

This puts a link between httpsdocs and httpdocs - much link a link in Windows would allow you to access a folder directly from your desktop without actually moving the folder there.

 

If you don't have shell access, you can ask your host to do this for you.

 

Otherwise, you need be very careful about your configure.php file - make sure that any fileside directory that needs ssl refers to httpsdocs and any non-ssl directory refers to httpdocs.

 

You don't want to define HTTP_CATALOG_SERVER as https:// whatever - this puts your entire site in ssl, which will slow things down. HTTP_CATALOG_SERVER should be http://whatever, HTTPS_CATALOG_SERVER should be https. You'll also need to enable SSL (set the define to true in your configure.php) if you want to use it.

 

define('DIR_FS_CATALOG_MODULES', '/home/httpd/vhosts/digital-soul.com.au/httpdocs/images/includes/modules/');

 

This line will also give you problems - I doubt that your modules directory is located inside your images directory as you've defined it here.

[digital_soul18]

THANK YOU!!! Finally someone who knows what their talking about!! Thanks mate, I haven't tried it yet but i'm sure it'll work, i'll keep you posted

[digital_soul18]

Well I requested by domain manager to do that, let see what they say. In the meanwhile what exactly is SSH??

 

Also, this method, is it secure?? is it recommended that we just leave httpsdocs as is?? (even though I don't think i need to)

 

another question regarding security, if my hosts for whatever reason don't want to do it then am I safe by simple .htacess protection? can some one still hack my files if I have this open?

 

Thanks BlueNote

[Chris Dunning]

SSH stands for Secure SHell. It's a way that you can log in to your server over the internet and work from the command line (Linux equivalent of a C:\ DOS prompt). There are many things you can only do from the command line. As far as I know, this is one of them.

 

I don't think there is any security risk in linking httpdocs with httpsdocs - every server I've worked on that does not run Plesk has stored files in only one location, simply changing the way the server calls things depending on whether you're secure or not. Someone else may be able to correct me or expand on this.

 

another question regarding security, if my hosts for whatever reason don't want to do it then am I safe by simple .htacess protection?

 

This question confuses me greatly. .htaccess protection really doesn't have anything to do with SSL. Probably the only reason you're using an .htaccess file is to put a password on your admin screen (though there are many other things you can do with that file). Adding that password and making your checkout pages secure really are completely unrelated.

 

can some one still hack my files if I have this open?

A determined hacker with enough skill and knowledge WILL get through whatever defenses you put up. There's no way to make your machine 100% secure while it's powered on and connected to the internet. However, most hackers will not go after the targets that have some security measures put up. As someone else put it, why bother breaking through the deadbolt when the house across the street left the door open?

 

I don't know of a more secure way to protect your admin screens than the .htaccess/.htpasswd system...other than perhaps holding the admin files on a computer that's not connected to the internet all of the time (such as your local machine). That will keep out 99% of the hackers. There are still plenty of other things that you need to watch out for - use good passwords and keep them secure, log out when you're done, keep your server up to date, etc.