When starting the site it's https:// (as defined in configure.php), but if I then press e.g. front page or shopping cart the connection becomes unprotected. Same for buying an item. My account seems to be the only one remaining https://.
When starting the site it's https:// (as defined in configure.php), but if I then press e.g. front page or shopping cart the connection becomes unprotected. Same for buying an item. My account seems to be the only one remaining https://.
1. What's the URL?
2. What are the definitions for HTTP_SERVER and HTTPS_SERVER in your /includes/configure.php file?
3. Why do you want all pages to be https? What's the specific business reason?
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
1. t g e .fi
2.
3.When testing I got a warning that the secure contents is sent over a non secure connection.PHP Code:define('HTTP_SERVER', 'http:// see above with no spaces /');
define('HTTPS_SERVER', 'https:// see above with no spaces/');
Now I am however not able to reproduce the warning!
1. What was the test that gave the warning? This kind of warning shows only in your browser, and not in logs ... so ... should be easy to know when it's present or not.
2. This article deals with fixing the warning: http://www.zen-cart.com/content.php?...lly-encrypted) ... but requires you to be able to reproduce the warning.
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
No, but there are other things happening on the page which could cause it:
- maybe you selected a different product? (vs one that has unsecured assets on it)
- maybe you have certain advertising banners that appear in random order, so don't always trigger the error on every page?
- maybe you have other addons such as social media boxes which appear only at certain times, and those are causing your problems?
- etc
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
Also, making every page https does not necessarily resolve the secure contents notification. If content is hard coded as either http: or https: when the sites address is https: or http: (respectfully) then that message could appear if the browser is set to alert on such an issue. One way I have tracked down these type of hard coded image/display issues is to do a search on the files for something like: src="http
It won't catch versions with spaces aside the = symbol; however, helps with resolving that issue when properly formatted for display or prevented from being shown as applicable.
ZC Installation/Maintenance Support <- Site
Contribution for contributions welcome...
If you use Google Chrome, use the inspect element. This is found when pressing the right mouse button. After the screen has come up select the console tab. This will show more information about the insecure content
Zen cart installation / maintenance / customisation / hosting
Supported Modules: Dutch language pack, Multi site, Dynamic Price Updater and more.