still scratching my head on this google chrome mobile not secure site bs!!!

[travbacon]

so when i write a url on facebook mydomain.com/blah blah blah, facebook automatically adds http not https, so i have to make sure i do https://mydomain.com/blah blah product url

here's another thing and this ONLY happens with google chrome ON A PHONE OR TABLET, NOT DESKTOP.

on desktop i can type in the url without https mydomain.com/producturl whatever and it'll automatically convert to secure mode

but if i do it on the mobile phone or tablet, it'll go straight to http:// and chrome will say, this site is not secure.

why? again, this is only on google chrome mobile browser. opera, internet explorer, etc., no issues.

Here's my config

define('DIR_WS_CATALOG', '/');
define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_WS_IMAGES', 'images/');
define('DIR_WS_INCLUDES', 'includes/');
define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
define('DIR_WS_DOWNLOAD_PUBLIC', DIR_WS_CATALOG . 'pub/');
define('DIR_WS_TEMPLATES', DIR_WS_INCLUDES . 'templates/');

define('DIR_WS_PHPBB', '/');

// * DIR_FS_* = Filesystem directories (local/physical)
//the following path is a COMPLETE path to your Zen Cart files. eg: /var/www/vhost/accountname/public_html/store/
define('DIR_FS_CATALOG', '/var/www/vhosts/mydomain.com/httpdocs/' . $path);

//the following path is a COMPLETE path to the /logs/ folder eg: /var/www/vhost/accountname/public_html/store/logs ... and no trailing slash
define('DIR_FS_LOGS', '/var/www/vhosts/mydomain.com/httpdocs/' . $path . 'logs');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');
define('DIR_WS_UPLOADS', DIR_WS_IMAGES . 'uploads/');
define('DIR_FS_UPLOADS', DIR_FS_CATALOG . DIR_WS_UPLOADS);
define('DIR_FS_EMAIL_TEMPLATES', DIR_FS_CATALOG . 'email/');

// define our database connection
define('DB_TYPE', 'mysql');
define('DB_PREFIX', '');
define('DB_CHARSET', 'utf8');
define('DB_SERVER', 'localhost');
define('DB_SERVER_USERNAME', 'mydomain');
define('DB_SERVER_PASSWORD', 'password');
define('DB_DATABASE', 'mydomain');

// The next 2 "defines" are for SQL cache support.
// For SQL_CACHE_METHOD, you can select from: none, database, or file
// If you choose "file", then you need to set the DIR_FS_SQL_CACHE to a directory where your apache
// or webserver user has write privileges (chmod 666 or 777). We recommend using the "cache" folder inside the Zen Cart folder
// ie: /path/to/your/webspace/public_html/zen/cache -- leave no trailing slash
define('SQL_CACHE_METHOD', 'file');
define('DIR_FS_SQL_CACHE', '/var/www/vhosts/mydomain.com/httpdocs/' . $path . 'cache');


so here's my htaccess file


##############################################################################
# Add custom headers and options
###############################################################################
# Notes:
#
# Examples: Adding IE compatibility / edge flags, language and encoding flags,
# php or suphp directives, configure other Apache modules such as page_speed,
# and enable or disable Apache httpd options.
#
# Do NOT configure anything directly relating to physical or virtual resources
# in this section. These should be addressed later on in this file.
###############################################################################
#Options -Indexes

###############################################################################
# Enable mod_rewrite processing using the rules in this .htaccess file
###############################################################################
# Notes:
#
# <IfModule> should be avoided at all costs. If mod_rewrite is not available
# it is almost always better to return HTTP 500 status. This way we see there
# is an issue as soon as the .htaccess file is uploaded.
#
# For mod_rewrite to work, the Apache server option to allow symbolic links to
# be followed must be enabled. Most providers supporting mod_rewrite will
# already have it enabled for you, but if your rewrite rules are not working
# you can un-comment the first directive below to manually enable the option.
#
# Don't forget, mod_rewrite directives are processed in order until a matching
# RewriteRule with the [L] flag is encountered. So the more specific a rule is
# the closer it should appear to the top of this file.
###############################################################################
#Options +FollowSymLinks
RewriteEngine on

###############################################################################
# Tell mod_rewrite where this file is relative to the server document_root
###############################################################################
# Notes:
#
# This directive should only be enabled if this .htaccess file is not placed
# in the document_root (usually public_html, www, or web) of the (sub)domain.
#
# An easy way to determine the location relative to the server document_root is
# to look at the URL used to access a file in this folder. For example if you
# access a "page" in the same folder as this file by typing in the URL
# "www.mydomain.com/myfolder/index.html" then "myfolder" will be the location
# of this file relative to the server document_root.
#
# Another quick and easy way to determine the correct setting for this is to
# look at the defined value for DIR_WS_CATALOG and DIR_WS_HTTPS_CATALOG in
# Zen Cart's configure.php files. All three values should match.
#
# Don't forget the leading and trailing /. This directive requires both!
###############################################################################
#RewriteBase /shop/


###############################################################################
# Redirect if request was for index.php (no query)
###############################################################################
# Notes:
#
# This is only required if the site generates references to index.php with no
# parameters. This rule will force a 301 redirect to the site root when a
# request is made for "/index.php" with no query terms (?key=value).
###############################################################################
#RewriteCond %{QUERY_STRING} ^$
#RewriteRule ^index\.php$ / [R=301,L]


###############################################################################
# Add any custom 301 redirects
###############################################################################
# Notes:
#
# In general these should be few and far between. If you use a RewriteRule
# be sure to add the L flag to let Apache mod_rewrite know to stop processing
# and skip any RewriteRules defined later in the .htaccess file.
###############################################################################


###############################################################################
# Redirect if request was for index.php (with or without query)
###############################################################################
# Notes:
#
# This is a performance optimization. If the request is for index.php simply
# pass the request on and do not process any other mod_rewrite directives in
# this file.
#
# Basically this avoids the overhead of checking if index.php is a real file
# or directory (used in subsequent mod_rewrite rules) before sending the
# request to index.php.
###############################################################################
RewriteRule ^index\.php$ - [L]


###############################################################################
# Start Ultimate (SEO) URLs
###############################################################################
# Notes:
#
# You should not make any changes in this section unless you really understand
# how it will impact your web site. Mistakes can break things.
###############################################################################

# Handles the new URL formats
RewriteRule ^(.*)-c-([0-9_]+)/(.*)-p-([0-9]+)(.*)$ index\.php?main_page=product_info&products_id=$4&cPath=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-c-([0-9_]+)/(.*)-pi-([0-9]+)(.*)$ index\.php?main_page=popup_image&pID=$4&cPath=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-c-([0-9_]+)/(.*)-pr-([0-9]+)(.*)$ index\.php?main_page=product_reviews&products_id=$4&cPath=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-c-([0-9_]+)/(.*)-pri-([0-9]+)(.*)$ index\.php?main_page=product_reviews_info&products_id=$4&cPath=$2&%{QUERY_STRING } [L]

# Original (unchanged) URL formats
RewriteRule ^(.*)-p-([0-9]+)(.*)$ index\.php?main_page=product_info&products_id=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-m-([0-9]+)(.*)$ index\.php?main_page=index&manufacturers_id=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-pi-([0-9]+)(.*)$ index\.php?main_page=popup_image&pID=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-pr-([0-9]+)(.*)$ index\.php?main_page=product_reviews&products_id=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-pri-([0-9]+)(.*)$ index\.php?main_page=product_reviews_info&products_id=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-ezp-([0-9]+)(.*)$ index\.php?main_page=page&id=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-c-([0-9_]+)(.*)$ index\.php?main_page=index&cPath=$2&%{QUERY_STRING} [L]

# Rewrite all other requests (if the file / directory does not exist)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index\.php?main_page=$1&%{QUERY_STRING} [L]

###############################################################################
# Add any other directives relating to the handling of physical files
###############################################################################
# Notes:
#
# If processing makes it this far, the request was for a real file or folder.
# Example: Adding further processing related to browser caching or security.
###############################################################################

# Force https
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{SERVER_PORT} 80
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

[dbltoe]

What you are not showing in your config file are the most important entries in your file.

Code:

/**
 * Enter the domain for your store * If you have SSL, enter the correct https address in BOTH the HTTP_SERVER and HTTPS_SERVER settings, instead of just an http address. */define('HTTP_SERVER', 'https://yourshop.com');define('HTTPS_SERVER', 'https://yourshop.com');/** * If you have https enabled on your website, set this to 'true' */ define('ENABLE_SSL', 'true');

Make sure you have the items in red in your file

AND... in the admin

Code:

/**
 * Enter the domain for your Admin URL. If you have SSL, enter the correct https address in the HTTP_SERVER setting, instead of just an http address. */define('HTTP_SERVER', 'https://ginniascreativetubeshop.com');/** * Note about HTTPS_SERVER: * There is no longer an HTTPS_SERVER setting for the Admin. Instead, put your SSL URL in the HTTP_SERVER setting above. */

[travbacon]

I'm sorry I do have that. I missed copying that. Here it is

// Define the webserver and path parameters
// HTTP_SERVER is your Main webserver: eg-http://www.your_domain.com
// HTTPS_SERVER is your Secure webserver: eg-https://www.your_domain.com
define('HTTP_SERVER', 'https://www.mydomain.com');
define('HTTPS_SERVER', 'https://www.mydomain.com');

// Use secure webserver for checkout procedure?
define('ENABLE_SSL', 'true');

// NOTE: be sure to leave the trailing '/' at the end of these lines if you make changes!
// * DIR_WS_* = Webserver directories (virtual/URL)
// these paths are relative to top of your webspace ... (ie: under the public_html or httpdocs folder)

so i still only have this problem in google chrome mobile

[dbltoe]

Things can get tricky when they all do not match.

If your SSL is for your_doman.com versus www.your_domain.com, then you would not use www anywhere. You do have it in the config you copied.

If your SSL IS for www.your_domain.com AND your 301 that is forcing the https does not force TO www from non-www, that could be the problem.

Of course trying to straighten all this out while using Ultimate SEO can be a goat rope in and of itself.

[travbacon]

in our hosting it is set up as follows

Preferred domain *
with www
without www
none

Select the URL (either with or without the www. prefix) to which site visitors will be redirected via a SEO-safe HTTP 301 redirect.

its selected under none

[dbltoe]

Since you use www in your config, I would try with IF your SSL is with. SSL and 301 are two separate things. Those two and the config should all match.

[mc12345678]

Also the rewrite at the very end of the htaccess file should be further up. Potentially at the beginning after/below the RewriteEngine on.

[ianhg]

The HTAccess file I use first item this seems to work ok
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,QSA]
</IfModule>

[dbltoe]

Your configure.php files and your .htaccess should match your SSL certificate exactly.

Plus, you need to wind up at one location with a redirect. You need to address both the https and the www.

If the SSL certificate lists https://www.yoursiteDOTcom:

Code:

RewriteEngine On

# Redirect HTTP with www to HTTPS with www
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# Redirect HTTP without www to HTTPS with www
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# Redirect HTTPS without www to HTTPS with www
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

And, your configure.php files would show https://www.yoursiteDOTcom.

If your SSL certificate does NOT list www:

Code:

RewriteEngine On

# Redirect HTTP with www to HTTPS without www
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule .* https://%1%{REQUEST_URI} [R=301,L]
# Redirect HTTP without www to HTTPS without www
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# Redirect HTTPS with www to HTTPS without www
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule .* https://%1%{REQUEST_URI} [R=301,L]

And, your configure.php files would show https://yoursiteDOTcom