.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
Thanks DrByte, very useful document however i am guessing it is because of the template I am using and I have no idea where to begin
I am prepared to pay if someone could please help me?
Things look fine to me...
Zencart will only put the site into SSL (https) when SSL is needed.
SSL is needed ONLY when sensitive information needs to be transmitted (login, register, checkout).
At all other times, SSL is "dormant".
SSL can slow a site down, and as it is only needed when data is being TRANSMITTED over the internet, it can be switched off when not needed... ensuring that your site is not unnecessarily slowed down.
20 years a Zencart User
Thanks Schoolboy!
I sat last night and went through all the files used for my template and changed all HTTP to HTTPS and then it seemed to work.
"SSL is needed ONLY when sensitive information needs to be transmitted (login, register, checkout).
At all other times, SSL is "dormant".
SSL can slow a site down, and as it is only needed when data is being TRANSMITTED over the internet, it can be switched off when not needed... ensuring that your site is not unnecessarily slowed down."
I see the green https on all my pages does this mean I am slowing the site down? Or is that correct?
Thanks
Debbie
If SSL is configured on your server properly (talk to your host) and zencart is operating normally, then SSL will work ONLY when it is necessary.
For you to go into code files and hack them to FORCE unnecessary behaviour is not very wise. Unless you are knowledgeable and experienced in the FUNCTIONS implied by certain HTTP calls, you could actually being doing damage to zencart's operations.
If the template itself is badly designed (and many are), then that is a different issue, and you need to address your concerns with the person/company that built/sold the template.
When I went to your site, SSL appeared to be working as it is supposed to, so your tinkering is likely to have been in vain. I would (if I were you) restore everything to what it was before you attacked the code. Just restore the backup copies you made of each file before you did the edits... You do have backups... ?
20 years a Zencart User
Unfortunately I know very little about Zen Cart and with having recently installed a new template I was stuck!!
If the SSL appears to be working correctly then my messing was purely luck but it wasn't until I edited these files could I get the SSL to work correctly at all so seems a bad template!
I have backups of the files but fingers crossed I wont need them
Thank you very much for your help.
Debbie
The way to test for possible template issues is to REVERT to the CLASSIC TEMPLATE, and see if the site behaves the same way as it does uning a CUSTOM template.
(This is why "classic" should NEVER be altered or modified).
If your site behaves normally when using CLASSIC, then you can be pretty sure your problems are being caused by any customised template files.
If your site behaves THE SAME when using CLASSIC, then you probably have issues NOT related to custom templating.
20 years a Zencart User