Using HostGator and Shared SSL, Secure and Unsecure Items?

**daxxruckus** · 19 Dec 2008, 12:16 AM

Hi All,

believe me , I have searched every thread on this forum before wasting anyone's time posting this question. I couldn't find an answer to my specific problem, so I'm asking here.

I am using hostgator, and hosting a site on my reseller account (www.criticalthinkersonline.net). I am using their shared SSL cert. I changed both config files to point to my shared SSL secure page (https://sonata.websitewelcome.com/~critical/) and set use SSL to true.

Zen Cart properly switches over to the secure pages when necessary (on the shopping cart, my account pages, and when purchasing), but in FF I get the lock with a slash through it, and in IE the popup saying there is secure and non-secure items.

You can look at the source of the secured pages, and see that there are tons of http://critical... links, but these are all generated by Zen Cart. The only thing I have changed on this template (one called Orange) are colors in the css file, and changed the header by creating a new image and overwriting the existing one. In the .css it point to the relative location of the file. However, if you click on view image (on a secured page) you see that its pointing to an http: referenced image. I tried specifying the secured link to the header image in the .css, but it still did not change the security warning.

Why are all these links nonsecure, even on the secured pages? I assume zen cart should switch over to using secured versions when necessary, and its showing nonsecured URLS in the secured pages, and thats why I am getting this warning. In IE if I tell it NOT to show unsecured items, it basically strips everyhting but text out of the page.

sooo....any ideas on whats going on here?

**Kim** · 19 Dec 2008, 02:02 AM

Please post your includes/configure.php minus your password

**dbltoe** · 19 Dec 2008, 02:10 AM

You have several links in your source that point to http://.... versus ../images/whatever.

With the http:// links on a secure page, you'll always get a broken lock.

check http://www.motive.co.nz/glossary/linking.php to see better ways to do it.

**kobra** · 19 Dec 2008, 02:49 AM

https://www.zen-cart.com/tutorials/i...hp?article=150

**daxxruckus** · 19 Dec 2008, 08:24 PM

Hi,

I have read those tutorials and I have not manually editing anything that points to a http: location. Those images are all picutres of products uploaded through zen cart. Wouldn't it switch those over to use the secure URL when you hit a secure page?

The only image I have edited is the logo, which is a relative link in the .css file for the template.

/includes/configure.php below:

Code:

<?php
/**
 * dist-configure.php
 *
 * @package Configuration Settings
 * @copyright Copyright 2003-2007 Zen Cart Development Team
 * @copyright Portions Copyright 2003 osCommerce
 * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
 * @version $Id: dist-configure.php 6329 2007-05-16 15:36:56Z drbyte $
 * @private
 */
// Define the webserver and path parameters
// HTTP_SERVER is your Main webserver: eg-http://www.yourdomain.com
// HTTPS_SERVER is your Secure webserver: eg-https://www.yourdomain.com
define('HTTP_SERVER', 'http://criticalthinkersonline.net');
define('HTTPS_SERVER', 'https://sonata.websitewelcome.com/~critical');

// Use secure webserver for checkout procedure?
define('ENABLE_SSL', 'true');

// NOTE: be sure to leave the trailing '/' at the end of these lines if you make changes!

// * DIR_WS_* = Webserver directories (virtual/URL)
// these paths are relative to top of your webspace ... (ie: under the public_html or httpdocs folder)
define('DIR_WS_CATALOG', '/');
define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_WS_IMAGES', 'images/');
define('DIR_WS_INCLUDES', 'includes/');
define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
define('DIR_WS_DOWNLOAD_PUBLIC', DIR_WS_CATALOG . 'pub/');
define('DIR_WS_TEMPLATES', DIR_WS_INCLUDES . 'templates/');

define('DIR_WS_PHPBB', '/phpBB2/');

// * DIR_FS_* = Filesystem directories (local/physical)
//the following path is a COMPLETE path to your Zen Cart files. eg: /var/www/vhost/accountname/public_html/store/
define('DIR_FS_CATALOG', '/home/critical/public_html/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');
define('DIR_WS_UPLOADS', DIR_WS_IMAGES . 'uploads/');
define('DIR_FS_UPLOADS', DIR_FS_CATALOG . DIR_WS_UPLOADS);
define('DIR_FS_EMAIL_TEMPLATES', DIR_FS_CATALOG . 'email/');

//REMOVED DB CONNECTION INFO


// The next 2 "defines" are for SQL cache support.
// For SQL_CACHE_METHOD, you can select from:  none, database, or file
// If you choose "file", then you need to set the DIR_FS_SQL_CACHE to a directory where your apache
// or webserver user has write privileges (chmod 666 or 777). We recommend using the "cache" folder inside the Zen Cart folder
// ie: /path/to/your/webspace/public_html/zen/cache   -- leave no trailing slash
define('SQL_CACHE_METHOD', 'none');
define('DIR_FS_SQL_CACHE', '/home/critical/public_html/cache/');

?>

**Kim** · 19 Dec 2008, 09:00 PM

What if you add the www to:

define('HTTP_SERVER', 'http://criticalthinkersonline.net');

**daxxruckus** · 19 Dec 2008, 09:12 PM

I hope its something that simple. Would I need to add that to both configure.php files?

**daxxruckus** · 19 Dec 2008, 09:15 PM

nope, didnt make a difference

**DrByte** · 19 Dec 2008, 09:18 PM

The following IMG tags are not generated by a clean Zen Cart install without addons. (Nor the table in which they appear on your site). Zen Cart always produces relative paths, in order to avoid these security issues. Instead you must have hard-coded the full URL into your template files somewhere. The FAQ article still applies, and has nothing to do with HostGator.

Code:

<img src="http://www.criticalthinkersonline.net/hosted/storefront.jpg">
</center>
<br>
<h1><span style="color: rgb(0, 0, 102);"><center>Please proceed through the doors of Science, Math, Language Arts, Social Studies, Spanish, or Reading.</center></span></h1>
<br>
<table width="100%" border="0">
  <tr>
    <td><div align="center"><strong><span class="style1">Science</span></strong></div></td>
    <td><div align="center"><strong><span class="style1">Math</span></strong></div></td>
    <td><div align="center"><strong><span class="style1">Language Arts</span></strong></div></td>
  </tr>
  <tr>
    <td><div align="center"><a href="http://criticalthinkersonline.net/index.php?main_page=index&cPath=5"><img src="http://www.criticalthinkersonline.net/hosted/icons/Door.png" width="128" height="128" border="0" /></a></div></td>
    <td><div align="center"><a href="http://criticalthinkersonline.net/index.php?main_page=index&cPath=4"><img src="http://www.criticalthinkersonline.net/hosted/icons/Door.png" alt="" width="128" height="128" border="0" /></a></div></td>
    <td><div align="center"><a href="http://criticalthinkersonline.net/index.php?main_page=index&cPath=1"><img src="http://www.criticalthinkersonline.net/hosted/icons/Door.png" alt="" width="128" height="128" border="0" /></a></div></td>
  </tr>
  <tr>
    <td><div align="center"><strong><span class="style1">Social Studies</span></strong></div></td>
    <td><div align="center"><strong><span class="style1">Spanish</span></strong></div></td>
    <td><div align="center"><strong>Reading</strong></div></td>
  </tr>
  <tr>
    <td><div align="center"><a href="http://criticalthinkersonline.net/index.php?main_page=index&cPath=6"><img src="http://www.criticalthinkersonline.net/hosted/icons/Door.png" alt="" width="128" height="128" border="0" /></a></div></td>
    <td><div align="center"><a href="http://criticalthinkersonline.net/index.php?main_page=index&cPath=7"><img src="http://www.criticalthinkersonline.net/hosted/icons/Door.png" alt="" width="128" height="128" border="0" /></a></div></td>
    <td><div align="center"><a href="http://criticalthinkersonline.net/index.php?http://criticalthinkersonline.net/index.php?main_page=index&cPath=3"><img src="http://www.criticalthinkersonline.net/hosted/icons/Door.png" alt="" width="128" height="128" border="0" /></a></div></td>

**daxxruckus** · 19 Dec 2008, 09:42 PM

I fixed all those, problem still remains. I left those in because that table is only shown on the main index page (define_main_page.php). I changed them all to relative links now, but it didnt change anything. Nothing in define_main_page.php is displayed on any secure page.

If i just click on "Log In" I'm taken to the login page, which shows the unsecured lock image in firefox. Viewing the source, I see many links that are http - mainly for that horizontal category nav bar.

Code:

 <td id="navColumnOne" class="columnLeft" style="width: 150px">
<div id="navColumnOneWrapper" style="width: 150px"><!--// bof: categories //-->
<div class="leftBoxContainer" id="categories" style="width: 150px">
<h3 class="leftBoxHeading" id="categoriesHeading">Categories</h3>
<div id="categoriesContent" class="sideBoxContent">
<a class="category-top" href="http://www.criticalthinkersonline.net/index.php?main_page=index&amp;cPath=7&amp;zenid=3cd2fc85a46934d10355449772baef5c">Bilingual Education-&gt;</a>&nbsp;(81)<br />
<a class="category-top" href="http://www.criticalthinkersonline.net/index.php?main_page=index&amp;cPath=110&amp;zenid=3cd2fc85a46934d10355449772baef5c">Children's Books-&gt;</a>&nbsp;(74)<br />

<a class="category-top" href="http://www.criticalthinkersonline.net/index.php?main_page=index&amp;cPath=54&amp;zenid=3cd2fc85a46934d10355449772baef5c">Classroom Furniture</a><br />
<a class="category-top" href="http://www.criticalthinkersonline.net/index.php?main_page=index&amp;cPath=53&amp;zenid=3cd2fc85a46934d10355449772baef5c">Early Childhood/Preschool-&gt;</a>&nbsp;(53)<br />
<a class="category-top" href="http://www.criticalthinkersonline.net/index.php?main_page=index&amp;cPath=1&amp;zenid=3cd2fc85a46934d10355449772baef5c">Language Arts-&gt;</a>&nbsp;(333)<br />
<a class="category-top" href="http://www.criticalthinkersonline.net/index.php?main_page=index&amp;cPath=3&amp;zenid=3cd2fc85a46934d10355449772baef5c">Leveled Readers-&gt;</a>&nbsp;(431)<br />
<a class="category-top" href="http://www.criticalthinkersonline.net/index.php?main_page=index&amp;cPath=52&amp;zenid=3cd2fc85a46934d10355449772baef5c">Manipulatives-&gt;</a>&nbsp;(22)<br />
<a class="category-top" href="http://www.criticalthinkersonline.net/index.php?main_page=index&amp;cPath=4&amp;zenid=3cd2fc85a46934d10355449772baef5c">Mathematics-&gt;</a>&nbsp;(106)<br />

<a class="category-top" href="http://www.criticalthinkersonline.net/index.php?main_page=index&amp;cPath=55&amp;zenid=3cd2fc85a46934d10355449772baef5c">Professional Books</a><br />
<a class="category-top" href="http://www.criticalthinkersonline.net/index.php?main_page=index&amp;cPath=5&amp;zenid=3cd2fc85a46934d10355449772baef5c">Science-&gt;</a>&nbsp;(101)<br />
<a class="category-top" href="http://www.criticalthinkersonline.net/index.php?main_page=index&amp;cPath=6&amp;zenid=3cd2fc85a46934d10355449772baef5c">Social Studies-&gt;</a>&nbsp;(87)<br />
<hr id="catBoxDivider" />
<a class="category-links" href="http://www.criticalthinkersonline.net/index.php?main_page=products_new&amp;zenid=3cd2fc85a46934d10355449772baef5c">New Products ...</a><br />
<a class="category-links" href="http://www.criticalthinkersonline.net/index.php?main_page=products_all&amp;zenid=3cd2fc85a46934d10355449772baef5c">All Products ...</a>
</div></div>
<!--// eof: categories //-->

<!--// bof: information //-->

<div class="leftBoxContainer" id="information" style="width: 150px">
<h3 class="leftBoxHeading" id="informationHeading">Information</h3>
<div id="informationContent" class="sideBoxContent">
<ul style="margin: 0; padding: 0; list-style-type: none;">
<li><a href="http://www.criticalthinkersonline.net/index.php?main_page=shippinginfo&amp;zenid=3cd2fc85a46934d10355449772baef5c">Shipping &amp; Returns</a></li>
<li><a href="http://www.criticalthinkersonline.net/index.php?main_page=privacy&amp;zenid=3cd2fc85a46934d10355449772baef5c">Privacy Notice</a></li>
<li><a href="http://www.criticalthinkersonline.net/index.php?main_page=conditions&amp;zenid=3cd2fc85a46934d10355449772baef5c">Conditions of Use</a></li>
<li><a href="http://www.criticalthinkersonline.net/index.php?main_page=contact_us&amp;zenid=3cd2fc85a46934d10355449772baef5c">Contact Us</a></li>
<li><a href="http://www.criticalthinkersonline.net/index.php?main_page=site_map&amp;zenid=3cd2fc85a46934d10355449772baef5c">Site Map</a></li>

<li><a href="http://www.criticalthinkersonline.net/index.php?main_page=gv_faq&amp;zenid=3cd2fc85a46934d10355449772baef5c">Gift Certificate FAQ</a></li>
<li><a href="http://www.criticalthinkersonline.net/index.php?main_page=discount_coupon&amp;zenid=3cd2fc85a46934d10355449772baef5c">Discount Coupons</a></li>
<li><a href="http://www.criticalthinkersonline.net/index.php?main_page=unsubscribe&amp;zenid=3cd2fc85a46934d10355449772baef5c">Newsletter Unsubscribe</a></li>
</ul>
</div></div>
<!--// eof: information //-->

but these links are all generated by zen cart. Even the home link and copyright link at the bottom (generated by zen cart) are to the nonsecured url.

Thread: Using HostGator and Shared SSL, Secure and Unsecure Items?

Thread Tools

Search Thread

Display

Using HostGator and Shared SSL, Secure and Unsecure Items?

Re: Using HostGator and Shared SSL, Secure and Unsecure Items?

Re: Using HostGator and Shared SSL, Secure and Unsecure Items?

Re: Using HostGator and Shared SSL, Secure and Unsecure Items?

Re: Using HostGator and Shared SSL, Secure and Unsecure Items?

Re: Using HostGator and Shared SSL, Secure and Unsecure Items?

Re: Using HostGator and Shared SSL, Secure and Unsecure Items?

Re: Using HostGator and Shared SSL, Secure and Unsecure Items?

Re: Using HostGator and Shared SSL, Secure and Unsecure Items?

Re: Using HostGator and Shared SSL, Secure and Unsecure Items?

Similar Threads

SSL secure and non-secure items

Installed SSL,shows page contains both secure and non-secure items!

Hostgator -- Shared SSL issue

Secure and unsecure items problem

Posting Permissions