URGENT - Sessions suddenly stopped working.

[dbltoe]

hit wrong button on phone

[dbltoe]

As noted before, but I'll try to expand for clarity.

1. Find out exactly how your SSL is written. Is it for www.yoursite.com or just yoursite.com? Non-www is the most common today BUT, if your two configure files do not match the www status of your SSL, you will continue to have problems
2. Next the configure files. All instances of http should be set to https: AND the enable SSL to TRUE. It will soon be required if you want certain browsers to work with your site.
3. Lastly, the 301 redirect, Your redirect appears to be incorrect in that it takes the browser to http: versus https:. However, it needs to not only redirect to https: BUT ALSO to either non-www or www to match the SSL. See number 1 above.

If these three things are not done correctly, you will continue to have problems.

[VDecalS]

As noted before, but I'll try to expand for clarity.

1. Find out exactly how your SSL is written. Is it for www.yoursite.com or just yoursite.com? Non-www is the most common today BUT, if your two configure files do not match the www status of your SSL, you will continue to have problems
2. Next the configure files. All instances of http should be set to https: AND the enable SSL to TRUE. It will soon be required if you want certain browsers to work with your site.
3. Lastly, the 301 redirect, Your redirect appears to be incorrect in that it takes the browser to http: versus https:. However, it needs to not only redirect to https: BUT ALSO to either non-www or www to match the SSL. See number 1 above.

If these three things are not done correctly, you will continue to have problems.

It would be helpful if #3 (301 redirects) were also mentioned in the enable wiki: https://www.zen-cart.com/content.php...alled-zen-cart

[dbltoe]

They are not a requirement for the SSL to work. Just keep the Search Engines from thinking you have multiple sites. That often effects rank.

[royaldave]

As noted before, but I'll try to expand for clarity.

1. Find out exactly how your SSL is written. Is it for www.yoursite.com or just yoursite.com? Non-www is the most common today BUT, if your two configure files do not match the www status of your SSL, you will continue to have problems
2. Next the configure files. All instances of http should be set to https: AND the enable SSL to TRUE. It will soon be required if you want certain browsers to work with your site.
3. Lastly, the 301 redirect, Your redirect appears to be incorrect in that it takes the browser to http: versus https:. However, it needs to not only redirect to https: BUT ALSO to either non-www or www to match the SSL. See number 1 above.

If these three things are not done correctly, you will continue to have problems.

I either haven't explained myself correctly or you misunderstand.

Until Wednesday I had implemented EXACTLY what you said, and my zencart was working perfectly fine in SSL.

But suddenly on Wednesday my sessions starting breaking as described in my earlier post.

I worked out it was ok if I went http:// instead of https:// which is why I changed my .htaccess file so that customers can still shop.

I am looking for a reason why SSL stopped working.

[royaldave]

OK, have (sort of) solved the problem.

My host has had me (via cpanel) force SSL. Even though I had my configure.php set correctly, on clicking products apparently my site was dropping back to http://. He said its common to see zencarts do this, but they usually cope fine so he can't explain why suddenly now.

[dbltoe]

For clarification. What your host had you do was fix a 301 redirect for a shared certificate. Yet, you had a 301 in your .htaccess? If you set the .htaccess any other way than by cpanel originally, you may have exacerbated the problem

And, as a certified host, I will flatly deny the

He said its common to see (sic)zencarts do this, but they usually cope fine so he can't explain why suddenly now.

Rather than be caught without knowledge, they MAY have finally done what they should have and made sure the redirects were correct across the board.
Unless they specifically have a statement of non-maintenance, I would do the Forest thing. IMHO, this should have long ago been fixed by a reputable host UNLESS there was no maintenance agreement in place.

[royaldave]

If you view source on one of my pages you'll see that all the links to categories and products are http:// and not https:// even though I have amended the configure.php as you recommended. What drives this - I think I need to fix this.

[royaldave]

right.... for several years now my multi-site module has been misconfigured! products/categories have all been linked in as http:// instead of https://

So while its great I'll finally fix this - how has it been working until last week?

[dbltoe]

https://www.w3schools.com/Html/html_filepaths.asp is an excellent tutorial on links. BUT...........

You have SO many things wrong. I discover more each time I look.

You shoot yourself in the foot in your define_main_page when you added the link for a redirect to your Joomla cart. This, after telling everyone to click on the categories to shop.

You have a redirect on your site to send all traffic going to your root into your joomla directory in www mode which is NOT supported by the SSL.

If you would prefer to call us, or have requirements not covered by our online services, please visit our retail website - www.funkyballoons.com.au.

Your

Code:

<base href="https://www.funkyballoons.com.au/zencart/" />
<link rel="canonical" href="https://www.funkyballoons.com.au/zencart/" />

settings have you going to www which is NOT supported by your SSL

I think any change on either site throws a monkey wrench into the works.

Using the checker at https://websiteadvantage.com.au/Resp...Header-Checker, it appears that the final landing place for http://www.funkyballoons.com.au/zencart is https://www.funkyballoons.com.au/joo...ing::shocking: