Page 1 of 2 12 LastLast
Results 1 to 10 of 17
  1. #1
    Join Date
    Apr 2010
    Posts
    10
    Plugin Contributions
    0

    Default Unsecure items in SSL pages

    This website im doing has just had the SSL installed so i go into my two configure files and turn on HTTPS

    i know i havent used hard coded links as i made a point not to but my base href is referencing HTTP on my secure pages i checked the relevant files and they seem to be fine with..

    <base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER . DIR_WS_HTTPS_CATALOG : HTTP_SERVER . DIR_WS_CATALOG ); ?>" />

    the site can be found @ www.joshlingerie.com

    any help would be appreciated

  2. #2
    Join Date
    Jun 2005
    Location
    Cumbria, UK
    Posts
    10,267
    Plugin Contributions
    3

    Default Re: Unsecure items in SSL pages

    Talk to your host... The problem appears to be with your stylesheet.
    20 years a Zencart User

  3. #3
    Join Date
    Apr 2010
    Posts
    10
    Plugin Contributions
    0

    Default Re: Unsecure items in SSL pages

    Thanks for the reply

    i have checked the stylesheets none have hard coded urls or any problems i can see ?

  4. #4
    Join Date
    Jan 2004
    Posts
    66,446
    Plugin Contributions
    81

    Default Re: Unsecure items in SSL pages

    Quote Originally Posted by Quedex View Post
    This website im doing has just had the SSL installed so i go into my two configure files and turn on HTTPS

    i know i havent used hard coded links as i made a point not to but my base href is referencing HTTP on my secure pages
    Then your host has configured the SSL incorrectly in the server settings.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  5. #5
    Join Date
    Apr 2010
    Posts
    10
    Plugin Contributions
    0

    Default Re: Unsecure items in SSL pages

    Thats what im thinking as there is no way to set the base href except from server side right ?

    the base href is referencing http so of course all the relative paths will be from http and not https and thats the problem im having i'll email them again if that doesnt work i'll ring them

    thanks guys

  6. #6
    Join Date
    Jan 2004
    Posts
    66,446
    Plugin Contributions
    81

    Default Re: Unsecure items in SSL pages

    Zen Cart calculates the correct base href based on whether your server is properly reporting that it's in SSL mode.
    There are a few oddball hosting companies who can't seem to figure out how to do that properly. Hopefully yours isn't one of them.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  7. #7
    Join Date
    Apr 2010
    Posts
    10
    Plugin Contributions
    0

    Default Re: Unsecure items in SSL pages

    i did see Ajeh's post with the....

    <?php
    $request_type = ((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == '1') || (isset($_SERVER['HTTP_X_FORWARDED_BY']) && strstr(strtoupper($_SERVER['HTTP_X_FORWARDED_BY']),'SSL')) || (isset($_SERVER['HTTP_X_FORWARDED_HOST']) && strstr(strtoupper($_SERVER['HTTP_X_FORWARDED_HOST']),'SSL')) || (isset($_SERVER['SCRIPT_URI']) && strtolower(substr($_SERVER['SCRIPT_URI'], 0, 6)) == 'https:') || (isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443' ) ) ? 'SSL' : 'NONSSL';
    echo 'I SEE ' . $request_type;
    ?>

    php test i put it on my server and https://www.joshlingerie.com/test.php comes back as i see NONSSL

    can i use this to hassle my hosting company ?

    many thanks

  8. #8
    Join Date
    Jan 2004
    Posts
    66,446
    Plugin Contributions
    81

    Default Re: Unsecure items in SSL pages

    You can try. Good luck.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  9. #9
    Join Date
    Apr 2010
    Posts
    10
    Plugin Contributions
    0

    Default Re: Unsecure items in SSL pages

    thanks for all the help guys i know a little php but server configurations are beyond me without you guys i'd be lost

    running that script should report back as i see SSL then if all is correct is that right? i just need a bit of ammo if the hosts say it's my problem AGAIN !

  10. #10
    Join Date
    Jan 2004
    Posts
    66,446
    Plugin Contributions
    81

    Default Re: Unsecure items in SSL pages

    Yes .
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

 

 
Page 1 of 2 12 LastLast

Similar Threads

  1. Using HostGator and Shared SSL, Secure and Unsecure Items?
    By daxxruckus in forum Basic Configuration
    Replies: 14
    Last Post: 30 Dec 2008, 08:01 AM
  2. IE 6 IE 7 Unsecure SSL
    By mdaracz in forum General Questions
    Replies: 0
    Last Post: 17 Nov 2008, 09:55 PM
  3. Unsecure Items...again
    By Blake81 in forum General Questions
    Replies: 3
    Last Post: 12 Mar 2008, 10:09 PM
  4. Unsecure items
    By Blake81 in forum General Questions
    Replies: 8
    Last Post: 26 Jan 2008, 04:50 PM
  5. Explorer SSL Unsecure Items
    By 13moons in forum General Questions
    Replies: 16
    Last Post: 18 Aug 2007, 09:45 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg