Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Removing SSL error


Jes1FromFL

Recommended Posts

Posted

Since payments are done through paypal and not on my own site, I do not need my website to be secure. This way I can use my own domain name instead of my host's address. I set my config files to SSL: false, but I still get the annoying 'Security Error: Domain Name Mismatch' error. What else could I do to remove this message from showing up?

Posted

Remove all https addresses (leave blank) in both configure.php files - not just setting enable_ssl to false.

 

Good luck - I wouldn't buy from your site. If you can't be bothered to supply encryption for my details when I sign up, edit my account, login and logout then why should I bother to buy from you?

 

Vger

Posted
Good luck - I wouldn't buy from your site. If you can't be bothered to supply encryption for my details when I sign up, edit my account, login and logout then why should I bother to buy from you?

 

Vger

 

Since when is name and address sensitive information? Your info can be found in the local phone book or on google. Credit card information is not stored on my site. This site isn't secure when you input profile details. Any other opinions on this? Thanks btw.

 

Nice site, btw, Vger. Now how is your site not secure when just browsing? Mine switches to secure the minute you click any page or product.

 

I'm just trying to use my own domain name in the address bar. Since I have a shared SSL, it shows my host address, and looks retarded! (https://host368.ipowerweb.com) Doesn't even look like it's even my website!

Posted

Go buy a full ssl cert if shared worries you. They cost less than $50 a year, plus the dedicated ip address.

 

Any half-competent hacker can intercept unencrypted info being sent over the web. That would include the User Name and Password for logging into 'My Account'. I don't know your site, but what if you installed Gift Vouchers and someone had credits in their account - someone hacks it, uses the Gift Voucher balance and selects a different shipping address. They get the goods, you get all the trouble.

 

My 'Live Shop' entry isn't my own site, it's one I built for someone. No site should switch to ssl as soon as you start to move around the site, and that's just a sign that the includes/configure.php file has not been set up correctly.

 

Vger

Posted
Go buy a full ssl cert if shared worries you. They cost less than $50 a year, plus the dedicated ip address.

 

No site should switch to ssl as soon as you start to move around the site, and that's just a sign that the includes/configure.php file has not been set up correctly.

 

That's what I'm going to do. Mine is actually $99 for the first year, then $150 each year after. Pretty steep?

 

Also, my configure.php file is the original included with osCommerce. What's wrong with it?

<?php
/*
 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2003 osCommerce

 Released under the GNU General Public License
*/

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
 define('HTTP_SERVER', 'https://host368.ipowerweb.com');		
 define('HTTPS_SERVER', 'https://host368.ipowerweb.com');
 define('ENABLE_SSL', true);			// secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'stylesindemand.com');
 define('HTTPS_COOKIE_DOMAIN', 'host368.ipowerweb.com/~stylesin');
 define('HTTP_COOKIE_PATH', '/~stylesin/osCommerce2/catalog/');
 define('HTTPS_COOKIE_PATH', '/~stylesin/osCommerce2/catalog/');
 define('DIR_WS_HTTP_CATALOG', '/~stylesin/osCommerce2/catalog/');
 define('DIR_WS_HTTPS_CATALOG', '/~stylesin/osCommerce2/catalog/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
 define('DIR_FS_CATALOG', '/home/stylesin/public_html/osCommerce2/catalog/');
 define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
 define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

// define our database connection
 define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers
 define('DB_SERVER_USERNAME', 'XXXXX');
 define('DB_SERVER_PASSWORD', 'XXXXX');
 define('DB_DATABASE', 'XXXXX');
 define('USE_PCONNECT', 'false'); // use persistent connections?
 define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql'
?>

Posted

Hi, what vger is saying is that nowadays with fears of hackers and unauthorised 3rd parties obtaining transaction and information that is personally identifiable, most people expect some sort of security, and may be turned off shopping at your site unless they see a ssl sign or verisign etc. Even if you are using paypal, and the credit card information is not stored in your sites database or anything like that, try explaining that to every single customer!

 

SSL certificates don't come cheap, but if you are serious about your site, it is something that should definitely be considered. It can pay for itself anyway. If it means that 5 customers more than usual purchase from your store in a period of one year, then you have made your money back.

 

Like you, I don't have SSL but my site is less than 2 months old, and I will definitely invest in it soon.

 

 

 

Kind Regards,

 

Peter

CE PHOENIX SUPPORTER

Support the Project, go PRO and get access to certified add ons

Full-time I am a C-suite executive of a large retail company in Australia. In my spare time, I enjoying learning about web-design.

Download the latest version of CE Phoenix from gitHub here

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...