No, the problem is that even though the link correctly starts in the browser as
https://secure.gothicmagic.co.uk/ind...ain_page=login
... the cart is unable to accurately detect that the page is served as SSL, and is therefore treating it as non-SSL internally, as evidenced by View Source:
Code:
<base href="http://gothicmagic.co.uk/" />
That only happens when either of the two files I mentioned is changed, or if the host is unable to pass on the fact that SSL is active on the given page.
If all the files are correct, then it's most likely a hosting problem ... and with your hosting company's track record, you may not have much success twisting their arm to help very much.