Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Unauthorized url link


cunion

Recommended Posts

Both sites are on the same nameservers, so my guess is that your sites are sharing the same virtual server.

 

You need to contact your hosting company about this. Also, are you storing your sessions in files? If so, set your configure.php files to store the sessions via database, by following the advice on the last line of both of your configure.php files

 

If you have file caching enabled, disable it.

 

Finally, although you appear to have a full ssl installed it is not installed correctly, otherwise I would not have received a warning box that the name on the certificate did not match.

 

Vger

Link to comment
Share on other sites

hey, vger. from my surfing the forum it looks like you know a good bit about security, can you please tell me why my ssl is acting funny? no warnings pop up. it is my own dedicated cert from geotrust. The https shows up and the lock shows in the browser and then disappears as the page finishes loading. Opera tells me it may be the referrer and to reload the page to see what happens but it remains the same. Opera also said it may be elements on the page but I don't get the usual "some elements are insecure" warning. Everything is OSCommerce with a few contributions from the contribs area. There are my pictures on it but they're all stored in the folder. Oh, when I set up the store, it was with a different domain name pointing to the directory. I went into config files and changed to reflect the new domain and the ssl enabled etc. but maybe I missed something or there's a record in the database I need to change. Could it just be the nature of the setup of osc? I doubt this but thought it was worth asking.

 

Added: Oh, the name is www.gardenvines.com/catalog can't just type the url without the /catalog yet since I'm still passing folks to the old site while this is being built.

 

Also, anyone else who knows, I'd be happy to hear your thoughts.

Link to comment
Share on other sites

First things first - don't worry about Opera. Only about 0.00005% of the world uses it, and generally speaking it's not worth downloading and installing. If you want to use something which is not IE then use Firefox.

 

When you installed your SSL cert, did you install it from the hosting control panel? If you did, did you then get the hosting company to reboot the httpd conf files for that server. If you didn't then it won't have fully completed the install.

 

I'm not seeing the padlock at all using IE (and I do for other sites with full ssl's), but I don't get the warning message either - so the basic cert must be okay.

 

Vger

Link to comment
Share on other sites

p.s. Think I see the problem! When you signed up for the certificate it look as though you put the domain name is as being http://www.yourdomain.com, when it should have been www.yourdomain.com. Now you have a certificate which is for the http address and not for https - which is why the padlock is not showing! I'm betting that if you played around with the configure.php files (just to check this out) and put the https address as being http, then the padlock would show up when you go to login.php etc.

 

Vger

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...