override SSL

[eewalker1939]

After installing SSL and SEO, my inventory source cannot upload inventory to my database. This has been working. Here is the email I received from their support people. Can anyone explain to me what they are asking me to do? Their email follows:

 

[We have checked this again and noticed that you have applied SSL on all the pages of your site and that is the reason that our script is not able to hit your site and update database.

 

So please check this and make changes at your end for this SSL and make our script URL accessible without SSL(https pages). http://www.eddies-place.com/xmlPopulate_MFA_OLD.php

Thanks,

Support

 

Visit Our Support Site:

http://www.inventorysource.com/support/]

 

end of email.

 

Any help is appreciated

 

Eddie

[germ]

The key is here:

 

We have checked this again and noticed that you have applied SSL on all the pages of your site

Edit your configure.php, and maybe your .htaccess file because you have SEO URL's, to not make the whole site SSL.

 

The only pages that need to be SSL are create/edit account, login, and checkout (I think).

 

And besides, Google (and probably most of the other search engines) don't index ANY SSL pages.

 

Therefore, none of your pages will end up on the search engines.

 

Kind of defeats the purpose of having an e-store (losing all that free online "advertising").

:-"

[eewalker1939]

The key is here:

Edit your configure.php, and maybe your .htaccess file because you have SEO URL's, to not make the whole site SSL.

 

The only pages that need to be SSL are create/edit account, login, and checkout (I think).

 

And besides, Google (and probably most of the other search engines) don't index ANY SSL pages.

 

Therefore, none of your pages will end up on the search engines.

 

Kind of defeats the purpose of having an e-store (losing all that free online "advertising").

:-"

 

 

The only thing I can do is enable or disable SSL in configure.php. When I look at my site the only links that appear with "https" are account, checkout, and login. It appears that google is crawling the site alright. How do I disable specific pages or modules, ie the xmlpopulat.php module.

[germ]

Post the part of your catalog configure file that contains these definitions:

 

  define('HTTP_SERVER', 'http://www.yoursite.com'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://www.yoursite.com'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', 'true'); // secure webserver for checkout procedure?

 define('HTTP_COOKIE_DOMAIN', '.yoursite.com');
 define('HTTPS_COOKIE_DOMAIN', '.yoursite.com');

 define('HTTP_COOKIE_PATH', '/');
 define('HTTPS_COOKIE_PATH', '/');

[eewalker1939]

Here is my /includes/configuration.php file with password and username xx'd out.

 

I really do appreciate your help.

 

Eddie

 

 

/*

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2003 osCommerce

 

Released under the GNU General Public License

*/

 

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.eddies-place.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.eddies-place.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', 'true'); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.eddies-place.com');

define('HTTPS_COOKIE_DOMAIN', 'www.eddies-place.com');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/home/eddiesp/public_html/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

// define our database connection

define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers

define('DB_SERVER_USERNAME', 'xxxxxxxxxxx');

define('DB_SERVER_PASSWORD', 'xxxxxxxxxxx');

define('DB_DATABASE', xxxxxxxxxx);

define('USE_PCONNECT', 'false'); // use persistent connections?

define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

// META Tags by Tabsl

define('META_GLOBAL_TITLE', '<Eddies Place> Global Shop-Title-Tag');

define('META_GLOBAL_DESC', '<An Online Department Store> Global Meta-Description');

define('META_GLOBAL_KWORDS', '<automotive, security, hunters, hunting, spy, secret, law enforcement, stun gun, listening devices, boots, hunting equipment, hunting gear, knifes, safes, alarms, saftey, child safety, chimes> Global Meta-Keywords!');

?>

[germ]

That looks OK.

 

The problem must be in the .htaccess rewrite rules for your SEF URL's

 

When I access your site with an http:// prefix, it rewrites it to https://

 

Even if I manually change it in the browser address window, when the page comes up it's got the SSL URL instead.

:blush:

[eewalker1939]

Options +FollowSymLinks

RewriteEngine On

RewriteBase /

RewriteRule ^(.*)-p-(.*).html$ product_info.php?products_id=$2&%{QUERY_STRING}

RewriteRule ^(.*)-c-(.*).html$ index.php?cPath=$2&%{QUERY_STRING}

Here is my htaccess file:

 

RewriteRule ^(.*)-m-([0-9]+).html$ index.php?manufacturers_id=$2&%{QUERY_STRING}

RewriteRule ^(.*)-pi-([0-9]+).html$ popup_image.php?pID=$2&%{QUERY_STRING}

RewriteRule ^(.*)-t-([0-9]+).html$ articles.php?tPath=$2&%{QUERY_STRING}

RewriteRule ^(.*)-a-([0-9]+).html$ article_info.php?articles_id=$2&%{QUERY_STRING}

RewriteRule ^(.*)-pr-([0-9]+).html$ product_reviews.php?products_id=$2&%{QUERY_STRING}

RewriteRule ^(.*)-pri-([0-9]+).html$ product_reviews_info.php?products_id=$2&%{QUERY_STRING}

RewriteRule ^(.*)-i-([0-9]+).html$ information.php?info_id=$2&%{QUERY_STRING}

 

# This is an example - Do not blindly copy this file to your catalog folder - Follow the manual instructions and change the RewriteBase to match your store

#-MS- SEO-G Added

Options +FollowSymLinks -Indexes

 

RewriteRule ^(.*).html$ root.php?$1.html&%{QUERY_STRING}

#-MS- SEO-G Added EOM

 

RewriteCond %{SERVER_PORT} !^443$

RewriteRule ^ https://www.eddies-place.com%{REQUEST_URI} [NS,R,L]

 

I am not sure how I should change this. It was coded by the people that installed SEO for me.

 

Do you have any suggestions?

 

Thanks again for your help.

[germ]

Well, I don't have a lot of experience with .htaccess

 

My guess would be to change these lines:

 

RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^ https://www.eddies-place.com%{REQUEST_URI} [NS,R,L]

To

 

#RewriteCond %{SERVER_PORT} !^443$
#RewriteRule ^ https://www.eddies-place.com%{REQUEST_URI} [NS,R,L]

That just "comments out" those lines (i.e they are ignored).

 

If it doesn't work, remove the "#" and you're back where you started.

[eewalker1939]

Thanks, Germ.

 

I commented out the last line of the .htaccess file and it cleared the problem. My database is being updated again. I think that may have also cleared some other problems I was experiencing. A little time will tell.

 

Eddie