brazillia
Posted April 2, 2005

Hi all,

Sorry to flog an already flogged horse but I've read through hundreds of posts, tried all the suggestions and still have issues.

The first problem is that the admin panel says that I am not protected by a secure connection even though I have the padlock showing in the browser. I took a look through the index.php file in the catalog/admin folder and found the code that determines whether you are protected or not (on or around line 179). I changed:

    if (getenv('HTTPS') == 'on') {
      $size = ((getenv('SSL_CIPHER_ALGKEYSIZE')) ? getenv('SSL_CIPHER_ALGKEYSIZE') . '-bit' : '<i>' . BOX_CONNECTION_UNKNOWN . '</i>');

to:

    if (getenv('HTTPS') == '') {
      $size = ((getenv('SSL_CIPHER_ALGKEYSIZE')) ? getenv('SSL_CIPHER_ALGKEYSIZE') . '-bit' : '<i>' . BOX_CONNECTION_UNKNOWN . '</i>');

By removing the "on" in the first line above, the admin panel now says that I am protected by an unknown SSL connection (which seems to be the best you can get). Have I actually fixed my problem or have I just forced it into telling me what I want? And/or does it matter?

Second, when I am testing the catalog and making a purchase, when I get to the secure pages at checkout all my padlocks in the browser are split in two (they show correctly in the admin panel). When I click on the padlock it tells me that the page is encrypted and signed by Equifax, but if I were a customer I would not be sure/convinced.

I've tried so many things now that I am not sure what's what anymore. If some kind soul could look at my admin/includes/configure.php file below and let me know if I've got it all squared away I would appreciate it. (Looking at it below I see that the DIR_WS_ADMIN and DIR_WS_CATALOG are supposed to be absolute and they were not.)

Thanks

Steve

    define('HTTP_SERVER', 'https://ssl.perfora.net/traditionalstudies.org'); // eg, http://localhost - should not be empty for productive servers
    define('HTTP_CATALOG_SERVER', 'https://ssl.perfora.net/traditionalstudies.org');
    define('HTTPS_CATALOG_SERVER', 'https://ssl.perfora.net/traditionalstudies.org');
    define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module
    define('DIR_FS_DOCUMENT_ROOT', '../catalog/'); // where the pages are located on the server (I removed most of the path for posting)
    define('DIR_WS_ADMIN', '/catalog/admin/'); // absolute path required
    define('DIR_FS_ADMIN', '../catalog/admin/'); // absolute path required (I removed most of the path for posting)
    define('DIR_WS_CATALOG', '/catalog/'); // absolute path required
    define('DIR_FS_CATALOG', '../catalog/'); // absolute path required (I removed most of the path for posting)
    define('DIR_WS_IMAGES', 'images/');
    define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
    define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');
    define('DIR_WS_INCLUDES', 'includes/');
    define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
    define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
    define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
    define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
    define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
    define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');
    define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');
    define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');
    define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');
    define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

Simplyeasier
Posted April 2, 2005

Hi

You ask:

> Have I actually fixed my problem or have I just forced it into telling me what I want? And/or does it matter?

I don't think you have fixed it by removing ON and I don't think it matters anyway.

SSL does NOT protect your site or admin (you do that with directory protection and .htaccess etc) - SSL is an encryption technology to protect the transmission of data from browser to server and vice versa. So having admin under SSL protection is not an issue unless you want to protect your product and other info uploads to your server :D

Your admin configure.php file looks strange in some of the path settings to me - for instance:

Ensure your https: paths have the name of your cert as it was issued
Your 'HTTP_CATALOG_SERVER' above has an https path defined ???
Your 'DIR_FS_DOCUMENT_ROOT' is not correct

You may also have problems (going on the above) with your catalog/includes configure.php - I am posting one on my live files for you to compare - BTW there is no need to remove the full paths as no one can do anything to them if you have chmod'ed your configure.php files

Here it is:

    // Define the webserver and path parameters
    // * DIR_FS_* = Filesystem directories (local/physical)
    // * DIR_WS_* = Webserver directories (virtual/URL)
    define('HTTP_SERVER', 'http://www.simplyeasier.com'); // eg, http://localhost - should not be empty for productive servers
    define('HTTP_CATALOG_SERVER', 'http://www.simplyeasier.com');
    define('HTTPS_CATALOG_SERVER', 'https://simplyeasier.com');
    define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module
    define('DIR_FS_DOCUMENT_ROOT', '/home/simply/public_html'); // where the pages are located on the server
    define('DIR_WS_ADMIN', '/catalog/jomoadmin/'); // absolute path required
    define('DIR_FS_ADMIN', '/catalog/jomoadmin/'); // absolute path required
    define('DIR_WS_CATALOG', '/catalog/'); // absolute path required
    define('DIR_FS_CATALOG', '/home/simply/public_html/catalog/'); // absolute path required
    define('DIR_WS_IMAGES', 'images/');
    define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
    define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');
    define('DIR_WS_INCLUDES', 'includes/');
    define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
    define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
    define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
    define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
    define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
    define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');
    define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');
    define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');
    define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');
    define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

hth

Charles

A kite flies highest AGAINST the wind !
"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, a lover in one hand, martini in the other, body thoroughly used up, totally worn out and screaming ~ WOO HOO!! What a ride!"

brazillia
Posted April 2, 2005

> Hi
> You ask: Have I actually fixed my problem or have I just forced it into telling me what I want? And/or does it matter?
> I don't think you have fixed it by removing ON and I don't think it matters anyway.

I didn't think so on either count, but I wanted a second opinion. I've got the admin file directory protected but I needed SSL to look up credit card numbers safely. I should probably change the folder name just to be sure.

> Your admin configure.php file looks strange in some of the path settings to me - for instance
> Ensure your https: paths have the name of your cert as it was issued
> Your 'HTTP_CATALOG_SERVER' above has an https path defined ???
> Your 'DIR_FS_DOCUMENT_ROOT' is not correct.

I had to change the http_catalog_server to get all the other admin pages encrypted, which seemed to be described in a lot of other threads. I changed the dir_fs_document_root and nothing bad seemed to happen. Thanks.

Any idea on the second problem?

Cheers

Steve

Simplyeasier
Posted April 2, 2005

> I didn't think so on either count, but I wanted a second opinion. I've got the admin file directory protected but I needed SSL to look up credit card numbers safely. I should probably change the folder name just to be sure.
> I had to change the http_catalog_server to get all the other admin pages encrypted, which seemed to be described in a lot of other threads. I changed the dir_fs_document_root and nothing bad seemed to happen. Thanks.
> Any idea on the second problem?
> Cheers
> Steve

Post your catalog/includes configure.php and / or a link to the catalog so forum can review the padlock thing and any alerts \ warnings so forum can review and give you advice

Charles

brazillia
Posted April 2, 2005

> Post your catalog/includes configure.php and / or a link to the catalog so forum can review the padlock thing and any alerts \ warnings so forum can review and give you advice
> Charles

Here is the catalog/includes/configure.php file:

    define('HTTP_SERVER', 'http://www.traditionalstudies.org'); // eg, http://localhost - should not be empty for productive servers
    define('HTTPS_SERVER', 'https://ssl.perfora.net/traditionalstudies.org'); // eg, https://localhost - should not be empty for productive servers
    define('ENABLE_SSL', 'true'); // secure webserver for checkout procedure?
    define('HTTP_COOKIE_DOMAIN', 'www.traditionalstudies.org');
    define('HTTPS_COOKIE_DOMAIN', 'ssl.perfora.net/traditionalstudies.org');
    define('HTTP_COOKIE_PATH', '/catalog/');
    define('HTTPS_COOKIE_PATH', '/catalog/');
    define('DIR_WS_HTTP_CATALOG', '/catalog/');
    define('DIR_WS_HTTPS_CATALOG', '/catalog/');
    define('DIR_WS_IMAGES', 'images/');
    define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
    define('DIR_WS_INCLUDES', 'includes/');
    define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
    define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
    define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
    define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
    define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

If I change the http_server to https://ssl.perfora.net/traditionalstudies.org the entire store is covered by ssl correctly, but this will slow down the store.

The store is very much in test mode so it doesn't look good but can be seen at Association for Traditional Studies

I've gone through just about every line in the configure file and made changes to see what happens but I still can't get it to work properly. I even cut and pasted the ssl info from my host (1and1.com) to make sure I didn't type it incorrectly.

Cheers,

Steve

Simplyeasier
Posted April 3, 2005

Remove the quotes around true in your define('ENABLE_SSL', 'true'); (for some reason they only seem to be needed in the admin configure.php)

I looked at the site and logged into account set up - the address bar shows https: as it should but no padlock in the status bar. Maybe you need to talk to the technical guys at your cert issuing company because your configure above (apart from the true bit) looks OK.

Charles

♥Vger
Posted April 3, 2005

Hi,

Well first of all https cookie domain has to be a domain and not a domain plus file pathway. Secondly it's not your domain, so I suggest you try leaving this blank:

    define('HTTPS_COOKIE_DOMAIN', 'ssl.perfora.net/traditionalstudies.org');

If that doesn't work then use:

    define('HTTPS_COOKIE_DOMAIN', 'ssl.perfora.net');

and then adjust https cookie path to: 'traditionalstudies.org/catalog/' might work, can't promise anything.

With 1and1 I think you also have to edit this:

    if (getenv('HTTPS') == 'on') {

to this:

    if (getenv('HTTPS') == '1') {

Vger

brazillia
Posted April 3, 2005

> With 1and1 I think you also have to edit this:
>     if (getenv('HTTPS') == 'on') {
> to this:
>     if (getenv('HTTPS') == '1') {
> Vger

Thanks for the help there Charles and Vger. I took care of the changes to the configure file and hopefully I am all set there. I found the above code in catalog/includes/application_top.php and changed it to "1" but that didn't do anything. Then I went and left it blank and lo and behold the pages were encrypted.

Of course, I now have an issue with the PWA contribution not being secure but I will find a thread over there and post (unless of course someone knows of anything here).

Thanks for taking the time to look at this for me. If, of course, I have done something really stupid by leaving the code above blank, please let me know.

Steve

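Added example (not part of the thread and not osCommerce code): the `== ''` comparison discussed above is true whenever the HTTPS variable is empty or unset, so it also reports SSL for a plain HTTP request. The sketch contrasts it with a positive test; the function names, the use of an array in place of `getenv()`, the `SERVER_PORT` fallback and the sample environments are assumptions constructed for illustration.

```php
<?php
// Added illustration; not osCommerce code. All sample environments are constructed.

// The comparison after the edit described in the thread: true whenever the
// HTTPS variable is empty or missing, which is also the case on plain HTTP.
function edited_check(array $server): bool
{
    return ($server['HTTPS'] ?? '') == '';
}

// Positive test: report SSL only when the server supplies evidence of it.
// PHP documents HTTPS as non-empty under SSL; IIS may set it to 'off'.
// The SERVER_PORT fallback is an assumption that SSL is served on port 443.
function request_is_ssl(array $server): bool
{
    $https = strtolower((string) ($server['HTTPS'] ?? ''));
    if ($https !== '' && $https !== 'off') {
        return true;
    }
    return (string) ($server['SERVER_PORT'] ?? '') === '443';
}

// Constructed stand-ins for $_SERVER. The first two are identical on purpose:
// if a shared-SSL front end forwards nothing, the script cannot tell them apart.
$samples = [
    'plain HTTP'                    => ['SERVER_PORT' => '80'],
    'shared SSL, nothing forwarded' => ['SERVER_PORT' => '80'],
    'direct SSL, HTTPS=on'          => ['HTTPS' => 'on',  'SERVER_PORT' => '443'],
    'direct SSL, HTTPS=1'           => ['HTTPS' => '1',   'SERVER_PORT' => '443'],
    'HTTPS=off on port 80'          => ['HTTPS' => 'off', 'SERVER_PORT' => '80'],
];

foreach ($samples as $label => $server) {
    printf(
        "%-32s edited: %-3s  positive: %s\n",
        $label,
        edited_check($server) ? 'SSL' : '-',
        request_is_ssl($server) ? 'SSL' : '-'
    );
}
```

In this constructed table the edited check reports SSL only for the rows where the script has no evidence of it; on a shared-SSL host the signal to test for, if any, is host-specific and has to come from the hosting provider.
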
Archived
This topic is now archived and is closed to further replies.