Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SSL Problem (Fasthosts)


Guest

Recommended Posts

Hi,

 

I've run my shop for over a year with no problems - as far as I know I haven't changed anything recently that could possibly effect the way SSL is working but this morning it stopped working after my hosts secure url servers went down for 24 hours because of a problem. They insist they haven't made any changes but they must have....

 

Anyway, when I check out my admin via SSL it works fine and picks up images hosted on the SSL server. When I try the 'my account' section of my catalog I get the 'this page has secure and non secure items' message. If I click yes the page then displays without the padlock and takes images from the unsecure server... if I click no I get a secure connection with text but it doesn't pick up the images or any of the formatting.

 

Could anyone please take a quick glance at my config files incase I've done something stupid?

 

catalog/includes/configure.php:

 

  define('HTTP_SERVER', 'http://www.website.co.uk'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://vault2.secured-url.com/website'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'www.website.co.uk');
 define('HTTPS_COOKIE_DOMAIN', 'https://vault2.secured-url.com/website');
 define('HTTP_COOKIE_PATH', '/catalog/');
 define('HTTPS_COOKIE_PATH', '/catalog/');
 define('DIR_WS_HTTP_CATALOG', '/catalog/');
 define('DIR_WS_HTTPS_CATALOG', '/catalog/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
 define('DIR_FS_CATALOG', '/home/fhlinux176/h/website.co.uk/user/htdocs/catalog/');
 define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
 define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

/catalog/admin/includes/configure.php

 

 define('HTTP_SERVER', 'http://www.website.co.uk'); // eg, http://localhost - should not be empty for productive servers
 define('HTTP_CATALOG_SERVER', 'http://www.website.co.uk');
 define('HTTPS_CATALOG_SERVER', 'https://vault2.secured-url.com/website');
 define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module
 define('DIR_FS_DOCUMENT_ROOT', '/home/fhlinux176/h/website.co.uk/user/htdocs/catalog/'); // where the pages are located on the server
 define('DIR_WS_ADMIN', '/catalog/admin/'); // absolute path required
 define('DIR_FS_ADMIN', '/home/fhlinux176/h/website.co.uk/user/htdocs/catalog/admin/'); // absolute pate required
 define('DIR_WS_CATALOG', '/catalog/'); // absolute path required
 define('DIR_FS_CATALOG', '/home/fhlinux176/h/website.co.uk/user/htdocs/catalog/'); // absolute path required
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
 define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');
 define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');
 define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

 

It's been working for ages so I don't see where the problem has originated, but if anyone spots anything dodgy I'd really appreciate a heads up.

 

Thanks for looking!!

Sam

Link to comment
Share on other sites

Try these:

 

  define('HTTP_COOKIE_DOMAIN', '.website.co.uk');
 define('HTTPS_COOKIE_DOMAIN', '.vault2.secured-url.com');
 define('HTTP_COOKIE_PATH', '/');
 define('HTTPS_COOKIE_PATH', '/');

To fix this:

 

When I try the 'my account' section of my catalog I get the 'this page has secure and non secure items' message. If I click yes the page then displays without the padlock and takes images from the unsecure server... if I click no I get a secure connection with text but it doesn't pick up the images or any of the formatting.

I'll need a link to your site.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Hi Jim - thanks for the tip, I tried it but it didn't work (I think I had tried something similar already). You can see my site here.

 

I appreciate the help!

Link to comment
Share on other sites

Incidently I'm started to get a real bad vibe about fasthosts, just been reading around the internet and there's some real negative feedback going down - I feel like this has been common knowledge but I'm only just finding out about it now.

 

They periodically ruin sites with sudden unannounced changes, with idiotic support, and have set my business back years and my age forward the same, due to the stress.

 

I've emailed them to try and find out what changes they might have made to their SSL server whilst it was down - I'm surprised no one else has encountered this problem yet.... sorry for the double post.

 

P.S. Also their support forum is always down... maybe it's hosted on one of their own servers? :P

Link to comment
Share on other sites

osC isn't recognizing that you have SSL on the catalog side for some reason.

 

Actually that's common when using a shared SSL certificate.

 

Copy the text in the CODE box below into a text editor (Notepad) on your PC:

 

<?php
echo 'HTTP HOST: ' . "$HTTP_HOST";
echo '<br>Server Port: ' . getenv('SERVER_PORT');
echo '<br>SSL Status: ' . getenv('HTTPS');
echo '<br>Fowarded Server: ' . getenv('HTTP_X_FORWARDED_SERVER');
echo '<br>Fowarded Host: ' . getenv('HTTP_X_FORWARDED_HOST');
echo '<br>Fowarded By: ' . getenv('HTTP_X_FORWARDED_BY');
?>

 

Save it as myenv.php

 

Upload it into your /catalog folder on your server.

 

Then, access it using the link below: <-- VERY IMPORTANT!!!

 

click me

 

YOU MUST USE THE LINK ABOVE OR THE OUTPUT IS USELESS!!!

 

It will output some text to your browser.

 

Copy/paste that output into your next post.

 

Then you can delete the script if you want. It's not "dangerous" in any way. It just outputs some info about your SSL that may be useful in solving your problem.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

It came out with the following:

 

HTTP HOST:

Server Port:

SSL Status:

Fowarded Server:

Fowarded Host:

Fowarded By:

 

Blank - I had actually seen this file before and had tried it (found it when trying to Google for solutions) but I didn't know what to make of the fact that none of the info came up. Does this mean anything to you?

 

I'm assuming they've disabled me from doing this somehow.

 

Thanks again!

Link to comment
Share on other sites

Actually, getting blank in the case will do just fine!

:lol:

 

When I access the same script using your non-SSL URL, it outputs this:

 

HTTP HOST:

Server Port: 80

SSL Status:

Fowarded Server:

Fowarded Host:

Fowarded By:

All we're really looking for is a system variable we can access that's different when in SSL and non-SSL mode.

 

So, when in SSL mode Server Port is blank, and when in non-SSL mode Server Port is 80.

 

That being said, in your /catalog/includes/application_top.php find this code (around line 41):

 

// set the type of request (secure or not)
 $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

Alter it to this:

 

// set the type of request (secure or not)
//  $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL'; this was the old code
// non -std code added 24-06-08
 $request_type = (getenv('SERVER_PORT') != '80') ? 'SSL' : 'NONSSL';

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

That didn't have any effect that I can see - what did you have in mind there, having it use the whatever server port is provided so long as it's not 80?

 

Thanks.

Link to comment
Share on other sites

Let's change the one line of code to this:

 

  $request_type = (getenv('SERVER_PORT') == '80') ? 'NONSSL' : 'SSL';

If this doesn't work I'll send you a PM with something else to do.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Hi again Jim.... I didn't think it would work.... BUT IT WORKED!!! HOORAY!! :P

 

Panic over, if you ever come to the UK I owe you a pint, big time!

 

Thankyou.

Link to comment
Share on other sites

  • 1 year later...
Hi again Jim.... I didn't think it would work.... BUT IT WORKED!!! HOORAY!! :P

 

Panic over, if you ever come to the UK I owe you a pint, big time!

 

Thankyou.

 

 

Hi mate,

How did you sort this problem out? I'm totally stuck, I have RC2a and I get the message: Server Requirement Error: register_globals is disabled in your PHP configuration. This can be enabled in your php.ini configuration file or in the .htaccess file in your catalog directory.

 

I tried a RG contribs but they didnt work.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...