Forums / General Questions / SSL / Not working, having to logn back in admin, every page refresh

SSL / Not working, having to logn back in admin, every page refresh

Results 1 to 11 of 11
29 Jul 2014, 19:43
#1
fearless_freap avatar

fearless_freap

New Zenner

Join Date:
Jun 2014
Posts:
6
Plugin Contributions:
0

SSL / Not working, having to logn back in admin, every page refresh

I don't know what is going on...

I can't find this problem with any other posts, so I will explain my problems here:

I have set up Zen Cart with a one click install from my web host (Powweb). Everything went fine, I downloaded Abbington Mega as the theme, nothing else at this point. Version 1.5.1 - the website operated normally (meaning I could add a product, edit, upload photos etc).

I could not get the https to work, contacted my host, and figured out I had to pay for the certificate so I did. Then I could not get the website to come up as https until they told me I needed a 301 redirect for it to come up automatically. done that...

Now, when I log in and I go to admin, I log in, every time I go to a different page I have to log back in again. Plus the Authorize.net option to enable the AIM comes up "For security reasons, Installation of this module is disabled until your Admin is configured for SSL." even though I am in the https mode.

I am lost at trying to figure this one out. Anyone that has experienced this or has any help for me would be greatly appreciated.

-Steve
29 Jul 2014, 20:29
#2
lhungil avatar

lhungil

Totally Zenned

Join Date:
Feb 2012
Posts:
1,818
Plugin Contributions:
2

Re: SSL / Not working, having to logn back in admin, every page refresh

How do I enable SSL after installing Zen Cart? Pay particular note to the section 3 "admin" note about running the entire admin in SSL.


The admin configure.php file contains instructions which point out there are THREE things required to enable SSL in the entire admin:
1. HTTP_SERVER needs an https:// URL (ya, I know that may sound odd, but is key ...)
2. HTTPS_SERVER needs an https:// URL
3. ENABLE_SSL_ADMIN set to 'true'
And remember, the configure.php file is read-only, so your changes won't save until you make the file writable first.
29 Jul 2014, 20:54
#3
fearless_freap avatar

fearless_freap

New Zenner

Join Date:
Jun 2014
Posts:
6
Plugin Contributions:
0

Re: SSL / Not working, having to logn back in admin, every page refresh

lhungil:

How do I enable SSL after installing Zen Cart? Pay particular note to the section 3 "admin" note about running the entire admin in SSL.


Sorry, I forgot to mention that I did do that, I set the file attribute to 666, made the changes and ftp'd the configure.php file back up to the server.
30 Jul 2014, 14:55
#4
fearless_freap avatar

fearless_freap

New Zenner

Join Date:
Jun 2014
Posts:
6
Plugin Contributions:
0

Re: SSL / Not working, having to logn back in admin, every page refresh

I am currently on the phone with the web host, but as I was looking at the admin I see in the CONFIGURATION - SESSIONS portion of the website, there is an option for:

"Check SSL Session ID"
Validate the SSL_SESSION_ID on every secure HTTPS page request. (True / False)

Does this have anything to do with having to log in after every page?
30 Jul 2014, 15:24
#5
fearless_freap avatar

fearless_freap

New Zenner

Join Date:
Jun 2014
Posts:
6
Plugin Contributions:
0

Re: SSL / Not working, having to logn back in admin, every page refresh

Ok,

I am glad I talked with my host. It turns out that the 301 redirect was not written 100% correct. That was part of the problem, the other being that the browser was feeding some problems as well. Now the having to log in after every page view problem is solved.

I still have a problem with the SSL enabled, but the AIM stating that it isn't.
30 Jul 2014, 15:31
#6
rodg avatar

rodg

Deceased

Join Date:
Jan 2007
Posts:
6,263
Plugin Contributions:
3

Re: SSL / Not working, having to logn back in admin, every page refresh

Fearless Freap:

I am currently on the phone with the web host, but as I was looking at the admin I see in the CONFIGURATION - SESSIONS portion of the website, there is an option for:

"Check SSL Session ID"
Validate the SSL_SESSION_ID on every secure HTTPS page request. (True / False)

Does this have anything to do with having to log in after every page?


Yes, it is quite possible that it does. Try changing it to see if it makes a difference. If it doesn't then reset it back to its default setting.

Another one worth looking at is the "recreate session" setting. Generally set to 'true', but I've come across a couple of sites that simply won't work correctly unless set to false. (Alas, I've no explanation why this is so, and I've not delved far enough into the zencart code to determine exactly what this setting does).

The important thing to realise here is that these are all 'user settings' that have been implemented simply because the default settings aren't suitable for all servers (if they were then there would be no need for the configuration options), so don't be afraid to have a 'tweak' to see if you can resolve your issues. Just remember, only change *one* thing at a time, and if it doesn't have the desired effect you should immediately change it back before trying another.

Also, VERY IMPORTANT, after making any changes to these settings you MUST log off and clear your browser cache before attempting to log in again. Failure to do this can lead to all sorts of confusion ... Typically, "I was able to log in ok yesterday but today nothing seems to work".

Cheers
RodG
30 Jul 2014, 16:26
#7
drbyte avatar

drbyte

Sensei

Join Date:
Jan 2004
Posts:
63,506
Plugin Contributions:
173

Re: SSL / Not working, having to logn back in admin, every page refresh

RodG:

Yes, it is quite possible that it does.

Maybe, but highly unlikely.

It's VERY rare to ever need to change ANY of the settings in the Configuration->Sessions area. Defaults are best.
30 Jul 2014, 16:28
#8
drbyte avatar

drbyte

Sensei

Join Date:
Jan 2004
Posts:
63,506
Plugin Contributions:
173

Re: SSL / Not working, having to logn back in admin, every page refresh

Fearless Freap:

"For security reasons, Installation of this module is disabled until your Admin is configured for SSL."

When you see that message, and you look at the URL in your browser's address bar, does it start with "https://" ? If not, then you did NOT change your admin configure.php to define HTTP_SERVER to have an https URL in it.
30 Jul 2014, 17:16
#9
rodg avatar

rodg

Deceased

Join Date:
Jan 2007
Posts:
6,263
Plugin Contributions:
3

Re: SSL / Not working, having to logn back in admin, every page refresh

DrByte:

Maybe, but highly unlikely.

It's VERY rare to ever need to change ANY of the settings in the Configuration->Sessions area. Defaults are best.


Agreed. I sure wish I could figure out what the deal is with the sites I have that simply won't work unless the 'recreate session' is set to false though. There's only 2 of them that seem to need this, and it really has be baffled. Do you have any ideas?

Cheers
RodG
30 Jul 2014, 18:06
#10
fearless_freap avatar

fearless_freap

New Zenner

Join Date:
Jun 2014
Posts:
6
Plugin Contributions:
0

Re: SSL / Not working, having to logn back in admin, every page refresh

First off, let me say "Thank you" for the responses. I appreciate the help and direction...

I do see the https:// in the address of the website... I can pull up the certificate as well...

I also have Curl installed (checked with the host provider and it's taken care of.

Now something else I just noticed, is that in the Admin / Configuration / Sessions / Recreate Sessions, (True / False) set to true, when I set it to false, it comes back blank. I have to go into mysql and manually add False for it to show up like it should.
30 Jul 2014, 18:14
#11
fearless_freap avatar

fearless_freap

New Zenner

Join Date:
Jun 2014
Posts:
6
Plugin Contributions:
0

Re: SSL / Not working, having to logn back in admin, every page refresh

Actually, other options I am trying to change are not changing in the admin section... example: Payment Module / Check or Money order / Status=True when I set it to False... it doesn't change. It stays "True"