When a host makes errors such as this, and then tries to tell you that it's something YOU are doing, then it's time to find a better host.
When a host makes errors such as this, and then tries to tell you that it's something YOU are doing, then it's time to find a better host.
20 years a Zencart User
Update* I still have to run the site fully behind the SSL as i still get " i see non ssl" from the above script
my server guys are telling me this....
When you access an atlas site over SSL, we set the variable X-Forwarded-SSL to 1 and SSL is set to 1
i have no idea wot this means any info on this would be appreciated !
many thanks
You could try updating the /includes/init_includes/init_file_db.php file by adding 2 extra lines, as shown below:This is included in v1.3.9dCode:$request_type = (((isset($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS']) == 'on' || $_SERVER['HTTPS'] == '1'))) || (isset($_SERVER['HTTP_X_FORWARDED_BY']) && strpos(strtoupper($_SERVER['HTTP_X_FORWARDED_BY']), 'SSL') !== false) || (isset($_SERVER['HTTP_X_FORWARDED_HOST']) && (strpos(strtoupper($_SERVER['HTTP_X_FORWARDED_HOST']), 'SSL') !== false || strpos(strtoupper($_SERVER['HTTP_X_FORWARDED_HOST']), str_replace('https://', '', HTTPS_SERVER)) !== false)) || (isset($_SERVER['SCRIPT_URI']) && strtolower(substr($_SERVER['SCRIPT_URI'], 0, 6)) == 'https:') || (isset($_SERVER['HTTP_X_FORWARDED_SSL']) && ($_SERVER['HTTP_X_FORWARDED_SSL'] == '1' || strtolower($_SERVER['HTTP_X_FORWARDED_SSL']) == 'on')) || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && (strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'ssl' || strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https')) || (isset($_SERVER['HTTP_SSLSESSIONID']) && $_SERVER['HTTP_SSLSESSIONID'] != '') || (isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443')) ? 'SSL' : 'NONSSL';
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
Info for Network Solutions clients. Network Solutions will not allow the php script in Zen-Cart to detect SSL called pages. Here is a quote from a Network Solutions staff member on the NS user forums. Yet another reason to not use Network Solutions to host your Zen-Cart site.
http://forums.networksolutions.com/i...ndpost&p=27418Our proxy SSL doesn't allow server-side variables to detect HTTPS (secure). All server-side coding will always detect HTTP (non-secure), and for programs that attempt to redirect non-secure connections (http://) to a secure connection (https://) will result in an infinite loop and server error after 30 seconds.
The only ways around this is to
assume the connection is secure by making all the links to the sensitive pages https, or
use a client-side program (like javascript) to detect if it's secure and redirect if it's not. The coding below will do just that. Just modify it to redirect to the correct secure domain and add it into the HTML of any sensitive pages.
vinewbs - are you saying you are hosted on NetSol?
Please do not PM for support issues: a private solution doesn't benefit the community.
Be careful with unsolicited advice via email or PM - Make sure the person you are talking to is a reliable source.
Yes, this site is on NetSol, not by choice, though. My client's non-ZenCart site was on NetSol prior to my converting it to a Zen-Cart. I have been discovering the NetSol issues since launching the site a week ago. Wish I had known about all the issues before; I would have recommended my client change hosts before we launched.
@vinewebs; did you find a solutions to your problem?
i'm trying to setup the SSL from Network Solutions hosted on HostUpOn, but they both say that everything is setup right, and that the problem is with zencart, does that make sense to anyone?