Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Secure Installation


Lizphilli

Recommended Posts

The store works fine, untill I try to secure the installion. These are the config files for the secure site- I recieve a file not found warning when I try to access the secure site! Please Help. :angry:

 

My config files are as follows:-

Catalog/Admin/includes/configure.php

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.floweraffairs.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTP_CATALOG_SERVER', 'http://www.floweraffairs.com');

define('HTTPS_CATALOG_SERVER', 'https://www.floweraffairs.com');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

define('DIR_FS_DOCUMENT_ROOT', '/services/webpages/f/l/floweraffairs.com/public/catalog/'); // where the pages are located on the server

define('DIR_WS_ADMIN', '/catalog/admin/'); // absolute path required

define('DIR_FS_ADMIN', '/services/webpages/f/l/floweraffairs.com/public/catalog/admin/'); // absolute pate required

define('DIR_WS_CATALOG', '/catalog/'); // absolute path required

define('DIR_FS_CATALOG', '/services/webpages/f/l/floweraffairs.com/public/catalog/'); // absolute path required

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');

define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');

define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

 

 

Catalog/Includes/config.php

/ Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.floweraffairs.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://secure1.securewebexchange.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.floweraffairs.com');

define('HTTPS_COOKIE_DOMAIN', 'secure1.securewebexchange.com/www.floweraffairs.com');

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/www.floweraffairs.com/catalog/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/services/webpages/f/l/floweraffairs.com/public/catalog/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

Link to comment
Share on other sites

The store works fine, untill I try to secure the installion. These are the config files for the secure site- I recieve a file not found warning when I try to access the secure site! Please Help. :angry:

 

My config files are as follows:-

Catalog/Admin/includes/configure.php

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.floweraffairs.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTP_CATALOG_SERVER', 'http://www.floweraffairs.com');

define('HTTPS_CATALOG_SERVER', 'https://www.floweraffairs.com');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

define('DIR_FS_DOCUMENT_ROOT', '/services/webpages/f/l/floweraffairs.com/public/catalog/'); // where the pages are located on the server

define('DIR_WS_ADMIN', '/catalog/admin/'); // absolute path required

define('DIR_FS_ADMIN', '/services/webpages/f/l/floweraffairs.com/public/catalog/admin/'); // absolute pate required

define('DIR_WS_CATALOG', '/catalog/'); // absolute path required

define('DIR_FS_CATALOG', '/services/webpages/f/l/floweraffairs.com/public/catalog/'); // absolute path required

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');

define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');

define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

Catalog/Includes/config.php

/ Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.floweraffairs.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://secure1.securewebexchange.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.floweraffairs.com');

define('HTTPS_COOKIE_DOMAIN', 'secure1.securewebexchange.com/www.floweraffairs.com');

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/www.floweraffairs.com/catalog/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/services/webpages/f/l/floweraffairs.com/public/catalog/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

 

The true (SSL) in your catalog/includes file should be 'true' not true

 

also I could not see an https_server line in your admin config - i think there should be one just as in your catalog config - but check this out from the install files before you change this line

 

hth

 

Charles

A kite flies highest AGAINST the wind !

 

"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, a lover in one hand, martini in the other, body thoroughly used up, totally worn out and screaming ~ WOO HOO!! What a ride!"

Link to comment
Share on other sites

Hi Charles,

Thank you for your reponse - I missed the lack of quotes, which has now been corrected.

I have done a clean install (with ssl enabled) and checked the admin/included/configure.php and there isn't a https_server path there - so either I have a problem with my download of oscommerce or I am missing something else!

it is still not working!!!

Link to comment
Share on other sites

Please don't post everything in large text like that, it's not needed and wastes space.

 

Just ticking enable ssl when you run the install doesn't actually do anything other than define your https_server address as https://www.yourdomain.com - which only applies if you have a full ssl cert. I see from your earlier post that you have a file pathway for a shared ssl cert, and this is what you need to use when setting https_server pathways e.g.

 

define('HTTPS_SERVER', 'https://secure1.securewebexchange.com/floweraffairs.com'); //check with your hosting company as to what this should actually read.

 

Leave your https_cookie_path empty. Otherwise it will point to your hosting companies domain not yours.

 

Vger

Link to comment
Share on other sites

Please don't post everything in large text like that, it's not needed and wastes space.

 

Just ticking enable ssl when you run the install doesn't actually do anything other than define your https_server address as https://www.yourdomain.com - which only applies if you have a full ssl cert.  I see from your earlier post that you have a file pathway for a shared ssl cert, and this is what you need to use when setting https_server pathways e.g.

 

define('HTTPS_SERVER', 'https://secure1.securewebexchange.com/floweraffairs.com'); //check with your hosting company as to what this should actually read.

 

Leave your https_cookie_path empty.  Otherwise it will point to your hosting companies domain not yours.

 

Vger

Link to comment
Share on other sites

Sorry about that -I stand corrected.

Is this in both the admin/includes/configure.php and the includes/configure.php files

My hosting company suggests that I need to either get them to create a symbolic link between the /public and the /secure folder or copy all store data in the installation folder to the sevure folder. (So does this mean that I have two copies of my store on my webspace?). Which do you recommend?

Link to comment
Share on other sites

this is also wrong:

define('DIR_FS_DOCUMENT_ROOT', '/services/webpages/f/l/floweraffairs.com/public/catalog/');

should be:

define('DIR_FS_DOCUMENT_ROOT', '/services/webpages/f/l/floweraffairs.com/public');

 

sounds like your host is behind times in having separate directories for ssl/nonssl

Link to comment
Share on other sites

Thank you - tried both Mibble and Vger's suggeston and I am still getting 'page not found' reponse when I go to the checkout!

Have spoken to tech support at my hosting company to confirm my path so I don't believe that that is the problem.

Help!!!

Liz

Link to comment
Share on other sites

Thank you for using small text!

 

You are on a Shared SSL, the following address is wrong. Change

 

define('HTTPS_CATALOG_SERVER', 'https://www.floweraffairs.com');

to

define('HTTPS_CATALOG_SERVER', 'https://secure1.securewebexchange.com/www.floweraffairs.com);

Link to comment
Share on other sites

Duplicated info above, please ignore.

 

It doesn't seem that https://secure1.securewebexchange.com/www.floweraffairs.com (as stated in your file) exists.  Ask your host for the correct SSL address (if exist) and put it in define('HTTPS_CATALOG_SERVER', 'xxx');

 

Also edit define('HTTPS_COOKIE_DOMAIN', 'xxx'); appropriately.

Try https://www.securewebexchange.com/floweraffairs.com/

Link to comment
Share on other sites

Duplicated info above, please ignore.

 

It doesn't seem that https://secure1.securewebexchange.com/www.floweraffairs.com (as stated in your file) exists.  Ask your host for the correct SSL address (if exist) and put it in define('HTTPS_CATALOG_SERVER', 'xxx');

 

Also edit define('HTTPS_COOKIE_DOMAIN', 'xxx'); appropriately.

 

Alpha Ray, today you're my hero. I was having a related problem. After setting most (but apparently not all) of the shared SSLl settings, the secure pages weren't picking up the non-secure pages' cart contents info and I'd been pulling my hair out over it for days. I set my cookie domains in the catalog/includes/configure.php file and now all is well in the world. THANKS!!!! AMc

Should I stay or should I go now? Thanks and goodbye Joe.

Link to comment
Share on other sites

Use the followings:

 

catalog/admin/includes/configure.php

// Define the webserver and path parameters 
// * DIR_FS_* = Filesystem directories (local/physical) 
// * DIR_WS_* = Webserver directories (virtual/URL) 
define('HTTP_SERVER', 'http://www.floweraffairs.com'); // eg, http://localhost - should not be empty for productive servers 
define('HTTP_CATALOG_SERVER', 'http://www.floweraffairs.com'); 
define('HTTPS_CATALOG_SERVER', 'https://www.securewebexchange.com/floweraffairs.com'); 
define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module 
define('DIR_FS_DOCUMENT_ROOT', '/services/webpages/f/l/floweraffairs.com/public/catalog/'); // where the pages are located on the server 
define('DIR_WS_ADMIN', '/catalog/admin/'); // absolute path required 
define('DIR_FS_ADMIN', '/services/webpages/f/l/floweraffairs.com/public/catalog/admin/'); // absolute pate required 
define('DIR_WS_CATALOG', '/catalog/'); // absolute path required 
define('DIR_FS_CATALOG', '/services/webpages/f/l/floweraffairs.com/public/catalog/'); // absolute path required 
define('DIR_WS_IMAGES', 'images/'); 
define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); 
define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); 
define('DIR_WS_INCLUDES', 'includes/'); 
define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); 
define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); 
define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); 
define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); 
define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); 
define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); 
define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); 
define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); 
define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); 
define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

 

catalog/includes/configure.php

/ Define the webserver and path parameters 
// * DIR_FS_* = Filesystem directories (local/physical) 
// * DIR_WS_* = Webserver directories (virtual/URL) 
define('HTTP_SERVER', 'http://www.floweraffairs.com'); // eg, http://localhost - should not be empty for productive servers 
define('HTTPS_SERVER', 'https://www.securewebexchange.com/floweraffairs.com'); // eg, https://localhost - should not be empty for productive servers 
define('ENABLE_SSL', true); // secure webserver for checkout procedure? 
define('HTTP_COOKIE_DOMAIN', 'www.floweraffairs.com'); 
define('HTTPS_COOKIE_DOMAIN', 'www.securewebexchange.com/floweraffairs.com'); 
define('HTTP_COOKIE_PATH', '/catalog/'); 
define('HTTPS_COOKIE_PATH', '/catalog/'); 
define('DIR_WS_HTTP_CATALOG', '/catalog/'); 
define('DIR_WS_HTTPS_CATALOG', '/www.floweraffairs.com/catalog/'); 
define('DIR_WS_IMAGES', 'images/'); 
define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); 
define('DIR_WS_INCLUDES', 'includes/'); 
define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); 
define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); 
define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); 
define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); 
define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/'); 
define('DIR_FS_CATALOG', '/services/webpages/f/l/floweraffairs.com/public/catalog/'); 
define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); 
define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

Link to comment
Share on other sites

Alpha Ray, today you're my hero.  I was having a related problem.  After setting most (but apparently not all) of the shared SSLl settings, the secure pages weren't picking up the non-secure pages' cart contents info and I'd been pulling my hair out over it for days.  I set my cookie domains in the catalog/includes/configure.php file and now all is well in the world.  THANKS!!!!  AMc

Anytime Andrea! :thumbsup:

 

Just send me a beer though the post. :)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...