back2bas Posted September 10, 2006 Share Posted September 10, 2006 Rather than try and tackle my poroblems with my website host, I thought I would come straight to the source. A quick rundown. I have used cpanelX to install oscommerce on my sevrer. no probs. I have gone through all the settings in osC and adjusted them to my specifications. I am yet to put up my products. I have just had a look at my store page (still in the supplied demo mode) and am noticing that some of the links end up with the standard browser error message HTTP 404 Not Found, in particular 'My Account' and 'Checkout'. What is it that I am supposed to be doing here? Can someone please point me in the right direction for my next step? Even if it's another post/forum that is relative to my noobiness. Once I am on the right track I can usually get things going. It's just finding the track to start with. This is all a bit frustrating and exciting at the same time :'( Thanx in advance to anyone who can help. Link to comment Share on other sites More sharing options...
♥peterpil19 Posted September 10, 2006 Share Posted September 10, 2006 Hi, It looks like you have installed osCommerce with SSL turned on. If you don't have an SSL certificate it, those secure pages (account, checkout etc) will NOT display. To turn SSL off, edit includes / configure.php and admin / includes / configure.php (You may need to change the files' permissions to allow you to do this). Change 'Enable SSL', 'true' to 'false'. This should fix your problem. Peter CE PHOENIX SUPPORTER Support the Project, go PRO and get access to certified add ons Full-time I am a C-suite executive of a large retail company in Australia. In my spare time, I enjoying learning about web-design. Download the latest version of CE Phoenix from gitHub here Link to comment Share on other sites More sharing options...
back2bas Posted September 10, 2006 Author Share Posted September 10, 2006 I did what you said, and I was getting an error when viewing the store. No problem though, I just reinstalled osC and selected no SSL. I will just go over my settings again. I am told by my host that I am using a 'Shared SSL' with my current package. This is why I selected Yes when I was prompted during installation. Is Shared still some protection for the buyer and their credit card details? Or do I need a proper SSL for this? Link to comment Share on other sites More sharing options...
jasonabc Posted September 11, 2006 Share Posted September 11, 2006 Is Shared still some protection for the buyer and their credit card details? Or do I need a proper SSL for this? There is no difference whatsoever (security-wise) between shared SSL and your own, dedicated SSL. Both encrypt the data at 128-bit strength. The only difference is an aesthetic one and appears in the address bar of your browser like so: Shared SSL example URL: https://host393.ipowerweb.com/~mywebsite/ Dedicated IP and SSL: https://mywebsite.com/ Jason My Contributions: Paypal Payflow PRO | Rollover Category Images | Authorize.net Invoice Number Fix Link to comment Share on other sites More sharing options...
jrutherford Posted September 11, 2006 Share Posted September 11, 2006 Hi there, I am having the exact same problem that back2bas has described. I made Enable SSL 'false' and it's now all fine. But does this mean it's now not secure? What do I have to do to make sure the site is secure, AND that the checkout and account loging works? Thanks so much in advance... Jessica. (I'm also really new and excited, but finding it a bit hard) Link to comment Share on other sites More sharing options...
back2bas Posted September 11, 2006 Author Share Posted September 11, 2006 To everyone that has posted so far, thankyou. I have managed to atleast get my head around what needs to be done. Thsi can be a handy thread for us absolute noobs who need things explained in lamens terms. Jessica, I went back to my website package provider and asked them about my 'shared SSL'. I indeed am using it, but it only seems to cover any content that I put under my true domain name. I didn't know at that time that I was to be looking at https://domainname.com/~username and not http://www.domainname.com (notice the 's' in 'https' and the missing www) I would suggest you do the same, and get in contact with your webspace provider. Mine actually directed me to their own Q&A which pointed out the following. Be aware that I dont know if this applies to anyone's website/SSL or specifically to my own provider and their specification. But I hope it helps you. Start Quote: 1. I am using my own SSL or the shared SSL. The Path to SSL is incorrect. You will receive a security warning when using our shared SSL certificate through your own down domain (your domain name is not the domain the shared SSL certificate has been issued to) which will generate a security alert; or MD Web Hosting provides a shared SSL certificate that is for all our clients to use. This will allow you to have a secure site, without the expense of purchasing an SSL certificate. To access your site through the shared secure URL, please access your site by https://servername.com/~username (as found in your welcome email). If you wish to access your OS Commerce securely through https://www.yourdomain.com, you can purchase your own SSL certificate, issued to your own domain name. More information can be found here. To fix your site so the security messages do not appear and your site loads correctly you will need to edit the 'configure.php' file found in the 'includes' folder of your OS Commerce installation, so the shared secure site path or private SSL is correct. Half way down the configure.php file reads: define('HTTP_SERVER', 'http://domainname.com'); // eg, URL to your store front define('HTTPS_SERVER', 'https://servername/~username'); // Secure URL to your store front through SSL define('ENABLE_SSL', true); // Leave as True. define('HTTP_COOKIE_DOMAIN', 'domainname.com'); define('HTTPS_COOKIE_DOMAIN', 'domainname.com') Please edit the configure.php file, replacing HTTPS_SERVER value with the Shared SSL web address (see above). If you are using the shared URL, check the shared URL link using the link in the previous chapter. If using a private SSL, enter your private SSL web address. Once edited, save your file. Also make sure when saving the file, there are no empty spaces or gaps at the end of the file, as this will cause header errors to be displayed. Reload your web site. The error should be fixed and your images will load. Link to comment Share on other sites More sharing options...
back2bas Posted September 11, 2006 Author Share Posted September 11, 2006 PLEASE NOTE: I dont know why, but I had to go back and remove any 'write' permissions I gave to the configure.php file, after doing the above edit, so my osC store wouldn't have a confliction. The standard pink bar (error) appeared at the top of the store saying that security was at risk. Once I put the write permissions back to normal, so did the store. Phew. Can anyone tell me if this is a standard prcatice amongst all files? I f you wrie enable them, should you UN-enable it so as to be safe? So far so good :blush: Link to comment Share on other sites More sharing options...
starcad Posted September 12, 2006 Share Posted September 12, 2006 PLEASE NOTE: I dont know why, but I had to go back and remove any 'write' permissions I gave to the configure.php file, after doing the above edit, so my osC store wouldn't have a confliction. The standard pink bar (error) appeared at the top of the store saying that security was at risk. Once I put the write permissions back to normal, so did the store. Phew. Can anyone tell me if this is a standard prcatice amongst all files? I f you wrie enable them, should you UN-enable it so as to be safe? So far so good :blush: Yes, this is normal operation. You should also password protect your admin page with an .htaccess file or one of the contributions is the contribution area Link to comment Share on other sites More sharing options...
jasonabc Posted September 12, 2006 Share Posted September 12, 2006 Not all files - no. Just your configure.php file. You have to change permissions if you want to edit it. Once done, save and reset the permissions back to 444. Jason My Contributions: Paypal Payflow PRO | Rollover Category Images | Authorize.net Invoice Number Fix Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.