Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Setup Secure Server With Oscommerce


tomupton

Recommended Posts

I am still having problems with oscommerce and making it secure. I have attempted to change the configuration files but i still comes up with the page cannot be found.

 

I am using a host that the following details to use https pages:

 

https://kartklub.com/~your-customers-username

 

my current url is:

 

http://kartklub.com/shop/

 

This gives me access to my oscommerce website. Can anyone suggest why this is not working. I am not too sure whether the username part in the https address above refers to the username that i use to connect to my host or is it the customers username from oscommerce.

 

I can copy and paste my scripts into this page if anyone can help.

 

Thanks in advance

 

Tom

Link to comment
Share on other sites

just change both your catalog and admin/includes/configure.php

 

define('HTTP_SERVER', 'http://kartklub.com/shop/'); // eg, http://localhost - should not be empty for productive servers
define('HTTPS_SERVER', 'https://kartklub.com/~your-customers-username '); // eg, https://localhost - should not be empty for productive servers
define('ENABLE_SSL', true); // secure webserver for checkout procedure?

-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Link to comment
Share on other sites

OK, some of you guys are seriously not listening.

 

Or searching the forums for that matter. I've answered this same question in 4 different threads today, 2 of them in this very forum, on the first page.

 

The answer is already in this post.

-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Link to comment
Share on other sites

Hi Wizardandwars,

 

I've been searching through all the posts this morning and have not been able to work out exactly what to do...apologies I'm new to this...my web guys have been away...

 

You mentioned that you don't have to transfer the catalog to the secure server, however I have my dedicated secure certificates on that site and I don't see how I would be able to attach my secure site seals without upload at least the login and ordering files there...

 

So at the moment I have catalogs on both my secure and non-secured sites...which is driving me insane, because when I attempt to add new products via admin, pictures obviously don't show up in the secure and need to be uploaded. At the moment, when customers log in they are automatically served the secure catalog with possible missing pictures.

 

Here's my config file. From what I see the first couple of lines are correct but not sure about the rest, but not sure if the section from "define('HTTP_COOKIE_DOMAIN', 'www.mysite.com.au');" is correct...

 

I would appreciate any help here. Thanks.

 

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
 define('HTTP_SERVER', 'http://www.mysite.com.au'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://secure.mysite.com.au'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', 'true'); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'www.mysite.com.au');
 define('HTTPS_COOKIE_DOMAIN', 'secure.mysite.com.au');
 define('HTTP_COOKIE_PATH', '/catalog/');
 define('HTTPS_COOKIE_PATH', '/catalog/');
 define('DIR_WS_HTTP_CATALOG', '/catalog/');
 define('DIR_WS_HTTPS_CATALOG', '/catalog/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

Link to comment
Share on other sites

In browsing this board, I've noticed a recurring theme on the difficulty in setting up the secure server. I ran across this problem several years ago when I first started learning this ecommerce stuff, so maybe I can help out.

 

BTW, this procedure is for a UNIX server and assumes you have telnet access to your web site. If you don't have telnet, you will need to get with your hosting provider to help you out.

 

OK, let's say you have the following setup on your web site:

 

http://www.yoursite.com/catalog         // Non-secure files
https://secure.yoursite.com/catalog     // Secure files (site URL defined by SSL certificate)

The actual file paths on the server are:

 

/rootpath/www/catalog
/rootpath/www/Secure_Server/catalog    //(secure server directory defined by hosting provider)

In order to avoid the hassle of having to duplicate your entire site to serve secure and non-secure files, do the following:

 

Place your all your catalog files in the Secure_Server/catalog directory.

 

Then, create a soft link in the /rootpath/www directory that points to the catalog directory on the secure server by telneting into your web site and entering the following command:

 

ln -s PathToRealDirectory PathToSoftLink

For our example, the command would be:

 

ln -s /rootpath/www/Secure_Server/catalog /rootpath/www/catalog

Now, requests for both secure and non-secure files will use the same set of catalog files. Files served from http://www.yoursite.com/catalog URLs will display as they always did. When files are served from https://secure.yoursite.com/catalog URLs, your SSL certificate will be used and the lock icon will be displayed on the customer's browser. (BTW, if you tried to serve files from the https://www.yoursite.com/catalog URL, your SSL certificate would still be used but the customer would get the certificate does not match error message)

 

The osCommerce config settings for our example site would be like this:

 

define('HTTP_SERVER', 'http://www.yoursite.com'); 
define('HTTPS_SERVER', 'https://secure.yoursite.com');
define('ENABLE_SSL', 'true');
define('HTTP_COOKIE_DOMAIN', 'www.yoursite.com');
define('HTTPS_COOKIE_DOMAIN', 'secure.yoursite.com');
define('HTTP_COOKIE_PATH', '/catalog/');
define('HTTPS_COOKIE_PATH', '/catalog/');
define('DIR_WS_HTTP_CATALOG', '/catalog/');
define('DIR_WS_HTTPS_CATALOG', '/catalog/');

I've been using this setup on my old non-oscommerce shopping cart for several years with no problems.

 

Larry

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...