Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SSL Installed with errors - Part of Site not secure


Recommended Posts

I have just installed my first SSL and made the necessary changes to both configure.php files but I am not sure if I have done it right and need feedback.

 

When I look at my sight it says that I do not supply identity information but I get the yellow triangle saying that the connection is not secure ( part of this page is not secure ie: images).

 

Can someone please explain how I can secure my images or change them from http:// to https:// so the yellow warning does not appear on my site ?

 

And how do I know if the SSL is set up correctly ?

 

Sorry I am very new to this and using the code editor.

 

Any help would be great & thank you in advance.

 

My website is https://www.sunshynecraftsbeads.com

Link to comment
Share on other sites

Check your images in the side columns, the "Create your style" image and Canadian flag image are using http better to use the relative path, such as "/images/CySwS_Label_standard120.jpg". Then it will pull from the https site.

Follow the community build:

BS3 to osCommerce Responsive from the Get Go!

Check out the new construction:

Admin Gone to Total BS!

Link to comment
Share on other sites

Hi Mr Walker,

 

Thank you for your response. I did that and it is still showing as http:

 

I am now being told by the place that I purchased the SSL that I will have to manually change every picture which for me is over 500 pictures. They say that they do not work with oscommerce and I would need to find out here how to make the changes.

 

Is there maybe a code that I can do to change the images from http to https   ?

 

I am extremely confused now and not sure how to correct the picture problem/ I have been looking every where on this forum and can not see anything that relates to my problem.

 

Thank you.

Link to comment
Share on other sites

@@sunshynecraftsbeads Are you concerned with secure errors when you look at your home page, which is the link you provided, or on a secure page? If you want the whole site setup to work under ssl, you will need to change your configure file. If you want to just have it for the secure pages, like create account and login, then you will need to remove and/or fix the non-secure links on those pages. You can test your site using this site to see the problems.

 

By the way, since your shop looks new, I suggest stopping at this point and using https://github.com/gburton/osCommerce-234-bootstrap/archive/master.zip. Your version is not mobile-ready and that is a big issue nowadays.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

Hi Jack,

 

Thank you for your feedback.

 

Yes, I want my whole site to work with the ssl including my images. Prior to posting my question to the forum I did change both of my configure.php files using this link;

http://www.oscommerce.com/forums/topic/233458-how-to-install-ssl-on-osc-a-simple-1-2-3-instruction/

 

However it is still showing that my connection is not secure and the only two pages that I see as https is my check out page & my account page but even those are showing as not secure because of my images.

 

Also thank you for the information. I am not computer savvy and not sure how I should change the version to mobile-ready.

 

Your assistance would be great appreciated.

Link to comment
Share on other sites

At the time that thread was started, it was not as common to have a whole use ssl as it is today. I think it is not needed but some shop owners prefer it. To have the ssl work for the whole site, in both of your configure files change any instance of http: to https: (this refers to the url's there, not the capital letters). If you did it right, when you click on any link on your site, it should be in ssl mode.

 

The page I mentioned is showing two problems. One is for the CySwS_Label_standard120.jpg image. My guess is that you added that by using the full url. That is not the way to do it when the image is on your site. So you need to remove the link for it or change it to a relative link to get rid of that failure. The second problem is due to how the code is setup to not recognize the ssl mode. You will need to make changes to a few files to fix that. See this thread for how to do that.

 

Regarding being mobile-ready, you have two choices for the version of oscommerce you have installed: Install the Mobile addon or switch to the version I mentioned. Neither are simple but doing the first would be a mistake for your situation. This thread explain how you would upgrade your shop using the second method.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

Hi Jack,

 

Thank you so much for taking the time to help me and to provide me with your opinion and the links. You are the Best !!!

 

I guess for me having the whole site secure is important because buyers are not going to buy from sites that have warnings or say that the site connection is not secure. I personally would not buy from that site so how can I expect others too. 

 

1)    Yes, I did change the configure files correctly as far as I can tell. I followed the instructions from the about link but it is not in the ssl mode.

 

  define('HTTP_SERVER', 'http://www.sunshynecraftsbeads.com');
  define('HTTPS_SERVER', 'https://www.sunshynecraftsbeads.com');
  define('ENABLE_SSL', true);
  define('HTTP_COOKIE_DOMAIN', 'https://www.sunshynecraftsbeads.com');
  define('HTTPS_COOKIE_DOMAIN', 'https://www.sunshynecraftsbeads.com');

 

And

 

  define('HTTP_SERVER', 'https://www.sunshynecraftsbeads.com/');
  define('HTTP_CATALOG_SERVER', 'https://www.sunshynecraftsbeads.com/');
  define('HTTPS_CATALOG_SERVER', 'https://www.sunshynecraftsbeads.com/');
  define('ENABLE_SSL_CATALOG', true);

 

 

2)  a)   The image used was just a image provided me from the company to use for the web. It is just a jpg . I just uploaded the pictures from my computer file. On several pages the padlock link says the error is in my login.php however when I look into the login.php there is nothing relating to this picture.

 

So I deleted both images I had in my cpanel but now although the pictures on gone I still have a small box where it use to be and still has the error. I have literally gone through every single one of the php files to find a link to this picture but I can not find it.           

 

    b)    Thank you for the no padlock link. This picture seems to be my obstacle. I am also having issues with the chrome (Note: Chrome will show a security error for any secure page with an insecure <form> call on the page) but there is a lengthy thread for that so I will read that later.

 

 

3)   I think upgrading my shop is a excellent idea and I am very grateful that you brought this to my attention. I have no problem rising to the challenge but I am a little concerned that after I upgrade, I will be mobile ready but still have the same problems with my site as I do now. No one will buy from a  website that is not secure and the whole purpose of buying the SSL was so buyers could buy with confidence.

 

 

I am sorry my response is so long but I just wanted you to know where I am at right now. I am off to read the thread for the upgrade. Thank you again.

Link to comment
Share on other sites

@@sunshynecraftsbeads You are correct about losing customers if the ssl is not working correctly. I wouldn't shop at such a site either.  But the purpose of the ssl is to encrypt important data as it is sent across the web so that it can't be grabbed up. Since there is no important data on the home page, among others, it doesn't serve any purpose to encrypt it.

 

For the first configure file, it should be changed like this, assuming you want full ssl:

define('HTTP_SERVER', 'https://www.sunshynecraftsbeads.com');
define('HTTPS_SERVER', 'https://www.sunshynecraftsbeads.com');
define('ENABLE_SSL', true);
define('HTTP_COOKIE_DOMAIN', '.www.sunshynecraftsbeads.com');
define('HTTPS_COOKIE_DOMAIN', '.www.sunshynecraftsbeads.com');

Regarding the image you removed, the image itself was not the problem. It is the link to it, assuming there was one. Deleting the image won't delete the link. If that was added via an infobox, then look in the includes/column_right.php file to see if there is a link to that box and remove that, or change it. I don't recall if your version of oscommerce uses modules for the boxes so I suppose it could be in admin instead.

 

Yes, after the upgrade there still be secure issues but I think all of the ones that are caused by the core code have been fixed. So I would install the new shop and test the ssl before making any changes to it, like adding things.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...