Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

Security alert problem at check out or new account

Guest

By Guest
in General Support

Recommended Posts

Guest

Guest

Posted
Posted

Hi,

 

I get a security alert when I use check out or create a new account on my site:

 

It is valid and from a trusted site but.....

 

 

"The name on the security certificate is invalid or does not match the name of the site"

 

Certificate information: www.flat4online.co.uk

Issued by : www.flat4online.co.uk

Valid from: 1/2/2005 to 1/2/2006

 

I have configured both configure.php files to read www.flat4online.co.uk and tried to to load the site on a differnt amchine and browser.

 

I also noticed that sometimes when I put the mouse over the check out button it shows the IP address rather than the domain name of the file but both config files have been edited to domain names only, is there more files that should be edited?

 

TIA

 

Windows

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

Check to make sure you don't have this file: includes/local/configure.php

 

If so change the name to includes/local/configure.php.old and then reload the page.

 

Bobby

Link to comment
Share on other sites
Guest

Guest

Posted
Posted
Check to make sure you don't have this file:  includes/local/configure.php

 

If so change the name to includes/local/configure.php.old and then reload the page.

 

Bobby

 

Thanks for the help.

 

I checked but that file is not there.

 

Windows

Link to comment
Share on other sites
Guest

Guest

Posted
Posted
Post your configure.php file WITHOUT the database credentials.

 

Bobby

 

catalog/includes/configure.php

 

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.flat4online.co.uk'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.flat4online.co.uk'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.flat4online.co.uk');

define('HTTPS_COOKIE_DOMAIN', 'www.flat4online.co.uk');

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/catalog/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/home/scoty/flat4online-www/catalog/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

 

admin/includes/configure.php

 

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.flat4online.co.uk'); // eg, http://localhost - should not be empty for productive servers

define('HTTP_CATALOG_SERVER', 'http://www.flat4online.co.uk');

define('HTTPS_CATALOG_SERVER', 'https://www.flat4online.co.uk');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

define('DIR_FS_DOCUMENT_ROOT', '/home/scoty/flat4online-www/catalog/'); // where the pages are located on the server

define('DIR_WS_ADMIN', '/catalog/admin/'); // absolute path required

define('DIR_FS_ADMIN', '/home/scoty/flat4online-www/catalog/admin/'); // absolute pate required

define('DIR_WS_CATALOG', '/catalog/'); // absolute path required

define('DIR_FS_CATALOG', '/home/scoty/flat4online-www/catalog/'); // absolute path required

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');

define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');

define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

Link to comment
Share on other sites
Guest

Guest

Posted
Posted
Hi,

 

I get a security alert when I use check out or create a new account on my site:

 

It is valid and from a trusted site but.....

"The name on the security certificate is invalid or does not match the name of the site"

 

Certificate information: www.flat4online.co.uk

Issued by : www.flat4online.co.uk

Valid from: 1/2/2005 to 1/2/2006

 

I have configured both configure.php files to read www.flat4online.co.uk and tried to to load the site on a differnt amchine and browser.

 

I also noticed that sometimes when I put the mouse over the check out button it shows the IP address rather than the domain name of the file but both config files have been edited to domain names only, is there more files that should be edited?

 

TIA

 

Windows

 

When I took a look at the certificate, the warning message I got said it was not from a trusted site.

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

That looks correct...try uploading it to the server again. If that doesn't work and the local/configure.php file is not present I'm afraid there is nothing more that I can do for you.

 

Good luck!

 

Bobby

Link to comment
Share on other sites
Guest

Guest

Posted
Posted
When I took a look at the certificate, the warning message I got said it was not from a trusted site.

No...it's trusted. The error is that all URL's are being constructed with the IP and not domain name. Hence, the cert was issued to the domain but the IP is being used to access and the warning is being generated.

 

Bobby

Link to comment
Share on other sites
Guest

Guest

Posted
Posted
No...it's trusted.  The error is that all URL's are being constructed with the IP and not domain name.  Hence, the cert was issued to the domain but the IP is being used to access and the warning is being generated.

 

Bobby

 

OK thanks I'll keep searching earlier posts and see if I can find something.

 

When the site is loaded for the first time in the browser the domain name shows, when I click on any part of the site it switches to ip address, but the second time I click it switches back to the domain name and stays on the domain name!

 

So if I load the site and click on EVO twice I can checkout or creat accounts without the security alert!!

 

Any ideas why it is looading the ip address when both config files are set with the domain names?

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

Figured it out, there is 3 configure.php files that need to be modified

 

catalog/includes/configure.php

admin/includes/configure.php

includes/configure.php

 

 

Cheers

 

Windows

Link to comment
Share on other sites
OceanRanch

OceanRanch

Posted
Posted

For what its worth......

 

There are only 2 configure.php files in osCommerce.

 

Also, when accessing your site I too get the message that Dave got, that said it was not from a trusted site.

 

That typically means that your browser does not have this particular certificate authority added to its list of "trusted sites". Once you accept it in your browser and let the browser add it to its list of "trusted sites" the message should not occur again on that users browser.

 

HTH

Tom

Link to comment
Share on other sites
Guest

Guest

Posted
Posted
For what its worth......

 

There are only 2 configure.php files in osCommerce.

 

Also, when accessing your site I too get the message that Dave got, that said it was not from a trusted site.

 

That typically means that your browser does not have this particular certificate authority added to its list of "trusted sites". Once you accept it in your browser and let the browser add it to its list of "trusted sites" the message should not occur again on that users browser.

 

HTH

Tom

 

Hi any idea why I have got 3 configure.php files in osCommerce?

 

catalog/includes/configure.php

admin/includes/configure.php

includes/configure.php

 

The certificate is from GeoTrust, I take it GeoTrust is not in any browsers trusted root by default? (hence muchess cheapness)

Link to comment
Share on other sites
OceanRanch

OceanRanch

Posted
Posted

The standard osCommerce directory/folder structure at installation is as follows.

 

catalog/ - all the source for the catalog.

The configure.php would then be in catalog/includes/configure.php

 

catalog/admin/ - all the source for the administration pages

The configure.php would then be in catalog/admin/includes configure.php

 

Then within each of the configure.php the appropriate defines also point to the directory/folder setup.

 

In your particular set up it appears that you have two copies of the admin code admin/includes/configure.php and catalog/admin/includes/configure.php. It also appears that you copied the catalog code from the catalog folder to your root.

 

Your best bet is to sit back and decide where you want the catalog and admin code and then delete the other copies. If you decide on having the catalog in your root then you'll need to modify the includes/configure.php file.

 

Plan the work, then work the plan. Go slow and it should all work out.

 

HTH

Tom

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...