SSL Installed, Not Working from https

[dddza]

Hello,

I have followed the instructions on setting includes/configure.php and admin/includes/configure.php to define https as follows (in the order as above)

Code:

  define('HTTP_SERVER', 'http://www.URL.co.za');
  define('HTTPS_SERVER', 'https://www.URL.co.za');
  define('ENABLE_SSL', 'true');// Use secure webserver for checkout procedure?

and

Code:

  define('HTTP_SERVER', 'http://www.URL.co.za');
  define('HTTPS_SERVER', 'https://www.URL.co.za');
  define('HTTP_CATALOG_SERVER', 'http://www.URL.co.za');
  define('HTTPS_CATALOG_SERVER', 'https://www.URL.co.za');

  // Use secure webserver for catalog module and/or admin areas?
  define('ENABLE_SSL_CATALOG', 'true');
  define('ENABLE_SSL_ADMIN', 'true');

The problem is that when visiting the site via https, none of the images/links within the site are performing as 'https' and all remain http.

Perhaps because Zencart is running from a directory that this problem is occuring? e.g. http://www.URL.co.za/folder/

Any assistance would be great.

Thank you

[DrByte]

Could be a problem with the way the server's SSL support is configured, or a problem with how the SSL certificate is configured, or could be bad paths in your configure.php files.
Without a URL it's extremely hard to help.

[dddza]

http://www . plutoniccomputers . co . za / tetris /

The SSL works perfect before it hits the folder as you can see when going to the main domain.

[DrByte]

Um, I get broken images for categories and banners even WITHOUT trying to go into SSL mode.
Doesn't look like an SSL issue at all.

Your /tetris/images folder evidently doesn't contain the images you think it does.

examples:
http://www. your_domain .co.za/tetris/images/banners/tall-book.gif (one of your banners)
http://www. your_domain .co.za/tetris/images/pixel_trans.gif (on most of your categories)

[dddza]

Does Zencart make use of the following .htaccess files within its folders?

http://pastebin.com/FYAqYqs9

It appears the client has inserted nonstandard .htaccess files into the folders preventing access which was breaking access to the images folder. I have removed it from the images and banner folder and now access is possible.

If this is not standard please let me know so that I can check through the rest of the folders for other incorrect "security" messures performed.

[DrByte]

Yes.
You can download the original Zen Cart files by going to the home page of www.zen-cart.com .
In the zip file you'll see the .htaccess files that come with Zen Cart.

You'll also note that inside those .htaccess files, including the one you quoted, are specific instructions on how to ensure your server can handle the standard .htaccess language that's included in the Zen Cart-supplied files.


What you've done by deleting them has opened your site up to abuse by hackers.

[dddza]

Okay, I've replaced the htaccess files. I did not delete them I only renamed them for testing.

I'm now not too sure what you were referring to in you previous posts as when going to the links I get a permission denied. How would this be effecting the SSL?

[DrByte]

Didn't you start this thread saying that SSL was a problem?
I was saying that your problems don't seem to be SSL-specific.