centrios40 Posted October 16, 2008 Posted October 16, 2008 ok, so i just got my host to install a PostivePlus SSL certificate. its installed, and because the entire site has to be forwarded to www.domain.com, but my site now doesn't work. i keep getting these "redirect loops" "Redirection limit for this URL exceeded. Unable to load the requested page. This may be caused by cookies that are blocked. The browser has stopped trying to retrieve the requested item. The site is redirecting the request in a way that will never complete. * Have you disabled or blocked cookies required by this site? * NOTE: If accepting the site's cookies does not resolve the problem, it is probably a server configuration issue and not your computer." my host says either remove the redirect (remove the protection) or theres something wrong with the PHP of oscommerce. Here's their response: I apologize for the trouble that you have been having, but the SSL certificate is installed. I have checked your site and the reason that it's coming back as being not-secure is because you have attributes of your site that are not being transferred over an encrypted source. For example, there are several links and images that are being sent over http instead of https. You can view this by checking your source code and by also examining the SSL certificate (along with the information that firefox displays about the page involving SSL). If there is anything else that we can assist you with please do not hesitate to let us know. i have no idea what the hell their talking about, and I certainly have no idea how to fix the problem.
failsafe Posted October 17, 2008 Posted October 17, 2008 anyone? I'm not sure what the redirect loop is all about. I guess the first thing to check is your 2 configure.php files in admin/includes/configure.php and includes/configure.php. There was another topic today in which I posted example settings, plus others contributed their thoughts too. Perhaps you might like to take a look at that to see if your configure.php files are OK now that you've added the SSL certificate. The particular post I'm refering to is post #9 here. It's a start at least.
centrios40 Posted October 18, 2008 Author Posted October 18, 2008 Hello, it seems I am having a similar, but not exactly the same problem as: this post my website is this: www.ghilliegear.com if you look at the bottom, you can see the gold lock, but it has a red question mark.. clicking on product links, returns errors. i can't login into my admin area either. it keeps saying wrong login credentials. this is pure havoc, its annoying me beyond belief! I told my Host Company to install the SSL certificate on the entire site, they said to "i should install it" only in the cart, login, create an account area, etc. this is what my includes/configure.php file looks like: // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://ghilliegear.com'); // eg, [url="http://localhost"]http://localhost[/url] - should not be empty for productive servers define('HTTPS_SERVER', ''); // eg, [url="https://localhost"]https://localhost[/url] - should not be empty for productive servers define('ENABLE_SSL', false); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'ghilliegear.com'); define('HTTPS_COOKIE_DOMAIN', ''); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', ''); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', ''); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); when i try to edit "define('ENABLE_SSL', false)" to "true" includes/configure.php in keeps giving me this error: [a fatal error or timeout occurred while processing this directive]
centrios40 Posted October 18, 2008 Author Posted October 18, 2008 update: i edited includes/configure.php to true, i still cant login
Guest Posted October 18, 2008 Posted October 18, 2008 Can anyone tell me why so many people are having problems with their config files? I just don't get it. You are trying to SSL(https) and not defining what it should be. How do you think it can work? Try this. Make sure to fill in your db info. You may also want to check the config file in your admin/ // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://ghilliegear.com'); // eg, [url="http://localhost"]http://localhost[/url] - should not be empty for productive servers define('HTTPS_SERVER', ''); // eg, [url="https://localhost"]https://localhost[/url] - should not be empty for productive servers define('ENABLE_SSL', false); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'ghilliegear.com'); define('HTTPS_COOKIE_DOMAIN', ''); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', ''); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', ''); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); when i try to edit "define('ENABLE_SSL', false)" to "true" includes/configure.php in keeps giving me this error: [a fatal error or timeout occurred while processing this directive]
centrios40 Posted October 18, 2008 Author Posted October 18, 2008 UPDATE: I've been able to stop the redirect. but... i still can't login to my admin area. and the gold lock still shows a question mark.
centrios40 Posted October 19, 2008 Author Posted October 19, 2008 Can anyone tell me why so many people are having problems with their config files? I just don't get it. You are trying to SSL(https) and not defining what it should be. How do you think it can work? Try this. Make sure to fill in your db info. You may also want to check the config file in your admin/ so i did what you outlined, and i dunnoo. it didn't change much, like i said in my previous post, i resolved the redirect this. before i did, i don't know what this was suppose to do.
BryceJr Posted October 19, 2008 Posted October 19, 2008 You have an error in your admin/includes configure.php file. You have this. ghilliegear.com/admin/www.ghilliegear.com/admin/login.php
centrios40 Posted October 19, 2008 Author Posted October 19, 2008 You have an error in your admin/includes configure.php file. You have this. ghilliegear.com/admin/www.ghilliegear.com/admin/login.php i dont see that anywhere in the configure.php file
BryceJr Posted October 19, 2008 Posted October 19, 2008 i dont see that anywhere in the configure.php file What I meant was, that particular url string is showing in the locator(url) bar when going to admin. When you type ghilliegear.com/admin it should look like this ghilliegear.com/admin/login.php If you're unsure on what to do, post your config from admin.
centrios40 Posted October 19, 2008 Author Posted October 19, 2008 What I meant was, that particular url string is showing in the locator(url) bar when going to admin. When you type ghilliegear.com/admin it should look like this ghilliegear.com/admin/login.php If you're unsure on what to do, post your config from admin. Here it is: // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'www.ghilliegear.com'); // eg, [url="http://localhost"]http://localhost[/url] - should not be empty for productive servers define('HTTP_CATALOG_SERVER', 'www.ghilliegear.com'); define('HTTPS_CATALOG_SERVER', 'www.ghilliegear.com'); define('ENABLE_SSL_CATALOG', 1); // secure webserver for catalog module define('DIR_FS_DOCUMENT_ROOT', '/home2/ghillieg/public_html/'); // where the pages are located on the server define('DIR_WS_ADMIN', '/admin/'); // absolute path required define('DIR_FS_ADMIN', '/home2/ghillieg/public_html/admin/'); // absolute pate required define('DIR_WS_CATALOG', '/'); // absolute path required define('DIR_FS_CATALOG', '/home2/ghillieg/public_html/'); // absolute path required define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); another thing, now i noticed my site gets forwarded to https:// i don't want this. what areas of my site do i actually need the ssl certificate? (login, checkout, my account, signup - right?) and is it possible to have the ssl certificate only apply to these sections? because its making my whole site slow.
lindsayanng Posted October 19, 2008 Posted October 19, 2008 it should do that automatically because the standard osc links tell it too.. So, forinstance, if you went into header.php and saw the links for login, my account, cart, ect.. they would look like this tep href_link (FILENAME_ACCOUNT' , 'SSL' , ); where as non-SSL pages do not have the 'SSL' A great place for newbies to start Road Map to oscommerce File Structure DO NOT PM ME FOR HELP. My time is valuable, unless i ask you to PM me, please dont. You will get better help if you post publicly. I am not as good at this as you think anyways! HOWEVER, you can visit my blog (go to my profile to see it) and post a question there, i will find time to get back and answer you Proud Memeber of the CODE BREAKERS CLUB!!
Guest Posted October 20, 2008 Posted October 20, 2008 UPDATE: I've been able to stop the redirect. but... i still can't login to my admin area. and the gold lock still shows a question mark. Its still redirecting to https. Is this being done in.htaccess? Here it is: // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'www.ghilliegear.com'); // eg, [url="http://localhost"]http://localhost[/url] - should not be empty for productive servers define('HTTP_CATALOG_SERVER', 'www.ghilliegear.com'); define('HTTPS_CATALOG_SERVER', 'www.ghilliegear.com'); define('ENABLE_SSL_CATALOG', 1); // secure webserver for catalog module define('DIR_FS_DOCUMENT_ROOT', '/home2/ghillieg/public_html/'); // where the pages are located on the server define('DIR_WS_ADMIN', '/admin/'); // absolute path required define('DIR_FS_ADMIN', '/home2/ghillieg/public_html/admin/'); // absolute pate required define('DIR_WS_CATALOG', '/'); // absolute path required define('DIR_FS_CATALOG', '/home2/ghillieg/public_html/'); // absolute path required define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); another thing, now i noticed my site gets forwarded to https:// i don't want this. what areas of my site do i actually need the ssl certificate? (login, checkout, my account, signup - right?) and is it possible to have the ssl certificate only apply to these sections? because its making my whole site slow. Yes those pages will bee SSL only if you have enable SSL set to true or 1 in your config files. Both admin and catalog. Try this for your admin config file. Remember to fill in your db info. <?php /* $Id: configure.php 1739 2007-12-20 00:52:16Z hpdl $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2002 osCommerce Released under the GNU General Public License */ // define our webserver variables // FS = Filesystem (physical) // WS = Webserver (virtual) define('HTTP_SERVER', 'http://www.ghilliegear.com'); // eg, http://localhost or - https://localhost should not be NULL for productive servers define('HTTP_CATALOG_SERVER', 'http://www.ghilliegear.com'); define('HTTPS_CATALOG_SERVER', 'https://www.ghilliegear.com'); define('ENABLE_SSL_CATALOG', 1); // secure webserver for catalog module define('DIR_FS_DOCUMENT_ROOT', '/home2/ghillieg/public_html/'); // where your pages are located on the server. if $DOCUMENT_ROOT doesnt suit you, replace with your local path. (eg, /usr/local/apache/htdocs) define('DIR_WS_ADMIN', '/admin/'); define('DIR_FS_ADMIN', DIR_FS_DOCUMENT_ROOT . DIR_WS_ADMIN); define('DIR_WS_CATALOG', '/'); define('DIR_FS_CATALOG', DIR_FS_DOCUMENT_ROOT . DIR_WS_CATALOG); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); // define our database connection define('DB_SERVER', ''); define('DB_SERVER_USERNAME', ''); define('DB_SERVER_PASSWORD', ''); define('DB_DATABASE', ''); define('USE_PCONNECT', 'false'); define('STORE_SESSIONS', 'mysql'); ?> it should do that automatically because the standard osc links tell it too.. So, forinstance, if you went into header.php and saw the links for login, my account, cart, ect.. they would look like this tep href_link (FILENAME_ACCOUNT' , 'SSL' , ); where as non-SSL pages do not have the 'SSL' Kinda yes. They will only go to https if enabled in the configs. If enable is set to 0 or false then the http link will be used even if the says to use SSL
failsafe Posted October 20, 2008 Posted October 20, 2008 Yes, an important point not to miss from Brian's reply above is: define('HTTP_CATALOG_SERVER', 'http://www.ghilliegear.com'); define('HTTPS_CATALOG_SERVER', 'https://www.ghilliegear.com'); You need to correct these in your configure.php file. You had the http:// and https:// part missing. I'm not sure you have fixed your redirect problem... I'm still getting this back HTTP/1.x 301 Moved Permanently Date: Mon, 20 Oct 2008 07:56:53 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Location: https://www.ghilliegear.com/ Content-Length: 417 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 when I browse to http://www.ghilliegear.com
failsafe Posted October 20, 2008 Posted October 20, 2008 Regarding your padlock, you need to sort out your server first (the http and https mentioned above) before you can fix this. However, it does seem that you have a number of inconsistencies even ignoring which mode (http or https) the images are coming from. Some images are requested from www.ghilliegear.com, others from ghilliegear.com, so you need to tidy that up. You should presumably have all images coming from www.ghilliegear.com. You also have one image coming from here "http://s9.addthis.com/button1-addthis.gif" (the social bookmarks one). There will still be the padlock problem with that one if you intend to call it from one of your secure pages (https mode). If someone logs in, then presumably this will be the case. Perhaps you'll need to copy it to your own server and then call it in a similar way to other images? The 2 problem images on your home page I can see are: http://ghilliegear.com/favicon.ico http://ghilliegear.com/siteimages/hp-image/welcomeimage1.jpg I think you need to look how you're calling both these. In the case of favicon.ico, the best way would probably be to use a relative link, like so: <link rel="icon" href="favicon.ico" type="image/x-icon"> <link rel="shortcut icon" href="favicon.ico" type="image/x-icon"> Then it will be correctly called according to which server mode you're in. Obviously, that means editing all the top level .php files that contain it... just about all of them. :)
centrios40 Posted October 21, 2008 Author Posted October 21, 2008 does anyone know a solution to why i can't login into my admin?
Guest Posted October 21, 2008 Posted October 21, 2008 What is your username and password? If you have forgtten then go to your database using phpmyadmin. Click on the administrators table. Then click on the empthy tab at the top. On the page that follows MAKE SURE IT IS ONLY THE ADMINISTRATORS TABLE that is being emptied. Click yes. to empty. Go back to your stores admin page and it will ask to enter a new username and password. Once you do that you will have to enter them in again to login.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.