Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17
  1. #11
    Join Date
    Jun 2005
    Location
    Cumbria, UK
    Posts
    10,267
    Plugin Contributions
    3

    Default Re: Unsecure items in SSL pages

    When a host makes errors such as this, and then tries to tell you that it's something YOU are doing, then it's time to find a better host.
    20 years a Zencart User

  2. #12
    Join Date
    Apr 2010
    Posts
    10
    Plugin Contributions
    0

    Default Re: Unsecure items in SSL pages

    Update* I still have to run the site fully behind the SSL as i still get " i see non ssl" from the above script

    my server guys are telling me this....

    When you access an atlas site over SSL, we set the variable X-Forwarded-SSL to 1 and SSL is set to 1

    i have no idea wot this means any info on this would be appreciated !

    many thanks

  3. #13
    Join Date
    Jan 2004
    Posts
    66,446
    Plugin Contributions
    81

    Default Re: Unsecure items in SSL pages

    You could try updating the /includes/init_includes/init_file_db.php file by adding 2 extra lines, as shown below:
    Code:
    $request_type = (((isset($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS']) == 'on' || $_SERVER['HTTPS'] == '1'))) ||
                     (isset($_SERVER['HTTP_X_FORWARDED_BY']) && strpos(strtoupper($_SERVER['HTTP_X_FORWARDED_BY']), 'SSL') !== false) ||
                     (isset($_SERVER['HTTP_X_FORWARDED_HOST']) && (strpos(strtoupper($_SERVER['HTTP_X_FORWARDED_HOST']), 'SSL') !== false || strpos(strtoupper($_SERVER['HTTP_X_FORWARDED_HOST']), str_replace('https://', '', HTTPS_SERVER)) !== false)) ||
                     (isset($_SERVER['SCRIPT_URI']) && strtolower(substr($_SERVER['SCRIPT_URI'], 0, 6)) == 'https:') ||
                     (isset($_SERVER['HTTP_X_FORWARDED_SSL']) && ($_SERVER['HTTP_X_FORWARDED_SSL'] == '1' || strtolower($_SERVER['HTTP_X_FORWARDED_SSL']) == 'on')) ||
                     (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && (strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'ssl' || strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https')) ||
                     (isset($_SERVER['HTTP_SSLSESSIONID']) && $_SERVER['HTTP_SSLSESSIONID'] != '') ||
                     (isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443')) ? 'SSL' : 'NONSSL';
    This is included in v1.3.9d
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  4. #14
    Join Date
    Mar 2010
    Posts
    4
    Plugin Contributions
    0

    Default Re: Unsecure items in SSL pages

    Info for Network Solutions clients. Network Solutions will not allow the php script in Zen-Cart to detect SSL called pages. Here is a quote from a Network Solutions staff member on the NS user forums. Yet another reason to not use Network Solutions to host your Zen-Cart site.

    Our proxy SSL doesn't allow server-side variables to detect HTTPS (secure). All server-side coding will always detect HTTP (non-secure), and for programs that attempt to redirect non-secure connections (http://) to a secure connection (https://) will result in an infinite loop and server error after 30 seconds.

    The only ways around this is to
    assume the connection is secure by making all the links to the sensitive pages https, or

    use a client-side program (like javascript) to detect if it's secure and redirect if it's not. The coding below will do just that. Just modify it to redirect to the correct secure domain and add it into the HTML of any sensitive pages.
    http://forums.networksolutions.com/i...ndpost&p=27418

  5. #15
    Join Date
    Jun 2003
    Posts
    33,721
    Plugin Contributions
    0

    Default Re: Unsecure items in SSL pages

    vinewbs - are you saying you are hosted on NetSol?
    Please do not PM for support issues: a private solution doesn't benefit the community.

    Be careful with unsolicited advice via email or PM - Make sure the person you are talking to is a reliable source.

  6. #16
    Join Date
    Mar 2010
    Posts
    4
    Plugin Contributions
    0

    Default Re: Unsecure items in SSL pages

    Yes, this site is on NetSol, not by choice, though. My client's non-ZenCart site was on NetSol prior to my converting it to a Zen-Cart. I have been discovering the NetSol issues since launching the site a week ago. Wish I had known about all the issues before; I would have recommended my client change hosts before we launched.

  7. #17
    Join Date
    Sep 2008
    Location
    Toronto
    Posts
    35
    Plugin Contributions
    0

    Default Re: Unsecure items in SSL pages

    @vinewebs; did you find a solutions to your problem?

    i'm trying to setup the SSL from Network Solutions hosted on HostUpOn, but they both say that everything is setup right, and that the problem is with zencart, does that make sense to anyone?

 

 
Page 2 of 2 FirstFirst 12

Similar Threads

  1. Using HostGator and Shared SSL, Secure and Unsecure Items?
    By daxxruckus in forum Basic Configuration
    Replies: 14
    Last Post: 30 Dec 2008, 08:01 AM
  2. IE 6 IE 7 Unsecure SSL
    By mdaracz in forum General Questions
    Replies: 0
    Last Post: 17 Nov 2008, 09:55 PM
  3. Unsecure Items...again
    By Blake81 in forum General Questions
    Replies: 3
    Last Post: 12 Mar 2008, 10:09 PM
  4. Unsecure items
    By Blake81 in forum General Questions
    Replies: 8
    Last Post: 26 Jan 2008, 04:50 PM
  5. Explorer SSL Unsecure Items
    By 13moons in forum General Questions
    Replies: 16
    Last Post: 18 Aug 2007, 09:45 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg