My hosting company added zend.com to the firewall settings and walla, Curl is working on all subdirectories.
My hosting company added zend.com to the firewall settings and walla, Curl is working on all subdirectories.
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
Hi,
I asked my hosting service to allow firewall connections to zend.com and they have replied:
"an outward connection from the server to a port 80 (via curl or wget) is always closed for security reasons on servers of shared hosting. Any serious ISP has this basic and necessary security measure in place."
Any comments on this from the wise?
If I close the firewall on my local machine when installing1.38/1.38a, the installer brings up the same error about the problems with the curl installation as php.exe tries to (unsuccessfully) make the outward connection to www.zen-cart.com
I notice that sometime it connects to www.zen-cart.com on port 80 and other times on 443.
Is there a way to get it to not use port 80? Or am I barking up the wrong tree?
regards
Steve
Just one comment: Any serious ISP offering eCommerce hosting to their customers has this port open and knows how to protect their server without having to block all ports as a catch-all security measure.
If they won't open it, find a host who will. Otherwise you'll not be able to process shipping quotes and payments using 3rd-party services such as UPS, USPS, PayPal, Authorize.net, and more.
Oh, and for the record, Zen Cart has nothing to do with "zend.com"
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
Hi,
my hosting people tell me it is common practice to block 80 and 433 outgoing on shared hosting.
They can open a specific port above 10,000. Can I instruct php to use that and complete the installation or must it use those two ports?
Thanks again
Steve
Tiffany-wholesaler, your first post and you choose to Spam the Forum?
torvista, as mentioned by DrByte, your Hoster does not seem to do things in the normal fashion. Yes, they are somewhat correct in what they said but nobody installs a Front Door to their house then leaves it open all the time.
Server security can be a tricky thing but your Hoster seems to be taking the approach of "let's block everything we can and provide minimal service".
By the way,
I still can't login to admin.
I'm having the same problem on Lunarpages hosting. I'm working on updating my testing sandbox from version 1.3.7 to 1.3.8a.
Error message I see during upgrade installation:
# CURL problems detected: 6 => name lookup timed out
# CURL problems detected: 7 => Connect failed; Success.
# CURL requires SSL support. Please notify webmaster or hosting company. 7 => Connect failed; Success
Message I see running /extras/curltest.php:
You submitted the following fields and data:
Array
(
[field1] => This is a test
[statuskey] => ready
)
Data validation
Good Other Info
Your server IP address is: 74.50.11.50.
user-agent: unknown.
Array
(
[url] => "http://www.zen-cart.com/testcurl.php"
[content_type] => text/html
[http_code] => 200
[header_size] => 139
[request_size] => 192
[filetime] => -1
[ssl_verify_result] => 0
[redirect_count] => 0
[total_time] => 1.240831
[namelookup_time] => 1.143627
[connect_time] => 1.189642
[pretransfer_time] => 1.189964
[size_upload] => 0
[size_download] => 2139
[speed_download] => 1723
[speed_upload] => 0
[download_content_length] => 0
[upload_content_length] => 0
[starttransfer_time] => 1.240306
[redirect_time] => 0
)
PHP info from my old (real) 1.3.7 store:
curl
CURL support enabled
CURL Information libcurl/7.12.0 OpenSSL/0.9.7a zlib/1.1.4
We do use authorize.net AIM, so I may be affected by this problem.
I'm going to see if I can continue the installation/upgrade on that store and see what happens.
The sandbox store is at http://coreknowledge.org/register
---Diana
(subscribing to this thread!)
I am getting the same error:
"CURL requires SSL Support. Please notify webmaster..." (Connect Timed out).
Received Error code from proxy - 403...
CURL is activated on the godaddy server...
AND- I have tested with the curl test, and it Works fine.
http://www.vinylsheetprotectors.com/extras/curltest.php
I'll send an email to godaddy as well, but if anyone knows what the issue is, please let me know. (I read the entire thread and can't see any solutions).
Thanks!
If you're stuck with no options other than GoDaddy, you can ignore that CURL warning, but BE SURE to go and turn on the CURL Proxy settings, as described here:
http://www.zen-cart.com/forum/showthread.php?t=61528
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
Bookmarks