Post by Randem » Sun Oct 12, 2014 6:53 pm

I installed a UCC SSL Certificate and now my site has gone buggy... I check the code on the pages and they have both HTTP and HTTPS links basically rendering my pages non-secure. This is making my site jump from secure to non-secure all over the place and pages not to be found. This is a multi-store site and not much is working. All stores domain names point to the main store page and not their store pages. Why is this happening with the UCC SSL and OpeCart?
Last edited by Randem on Sun Dec 14, 2014 5:16 am, edited 1 time in total.

NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart


User avatar
Active Member

Posts

Joined
Sat Sep 27, 2014 9:17 am

Post by Randem » Mon Oct 13, 2014 3:15 am

Update... In the admin panel everything seems to be handled correctly but in the main store it is not... It would seem that when the pages are rendered the conversion does not happen from HTTP to HTTPS in many cases.

NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart


User avatar
Active Member

Posts

Joined
Sat Sep 27, 2014 9:17 am

Post by Randem » Mon Oct 13, 2014 1:25 pm

Problem: Pages are rendered with a a mix of secure (HTTPS) and unsecured links (HTTP) to the store.

Answer: Edited the index.php in the root folder and added the following code just before the //Url line (about line 77). This forces all links to your SSL store to be rendered secure (prefixed with https://). This may be handled better somewhere else but it works here.

Code: Select all

// Store
....

if ($store_query->num_rows) {

	$config->set('config_store_id', $store_query->row['store_id']);
	$store_https = str_replace('www.','',$store_query->row['ssl']); //RJ-20141012
} else {

	$config->set('config_store_id', 0);

}

// Settings
...

if (!$store_query->num_rows) {
	$config->set('config_url', HTTP_SERVER);

//	$config->set('config_ssl', HTTPS_SERVER);	 //RJ-20141012

	$config->set('config_ssl', str_replace('www.','',HTTPS_SERVER));	// Make secure url uniform (https://domain.com) // RJ-20141012

}

//=======================================================================================================================
// RJ-20141012  - Force https to be rendered in all store links to help avoid unsafe pages (insecure)
//=======================================================================================================================

if (isset($_SERVER['HTTPS'])) {
	if (($_SERVER['HTTPS'] == 'on') ||($_SERVER['HTTPS'] == '1')) {
		if (isset($store_https)) { 
			$config->set('config_ssl', $store_https);
			$config->set('config_url', $store_https);
		}
	} 
}


// RJ-20141012
//=======================================================================================================================
  

// Url
Just before this code

Code: Select all

// Url

$url = new Url($config->get('config_url'), $config->get('config_secure') ? $config->get('config_ssl') : $config->get('config_url'));	

$registry->set('url', $url);
MORE UPDATES LATER!!!

NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart


User avatar
Active Member

Posts

Joined
Sat Sep 27, 2014 9:17 am

Post by Randem » Sat Oct 25, 2014 10:26 am

Here is the complete index.php file in case there is confusion on where to place the code.

Attachments

Index.php from the root (NOT the Admin folder)


NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart


User avatar
Active Member

Posts

Joined
Sat Sep 27, 2014 9:17 am

Post by labeshops » Wed Jan 27, 2016 9:00 am

Have you ever figured out how to make the store logo show as being https:// ?? That's the only thing I haven't been able to solve and tried your code in this post but it didn't solve it either. I have the config files set with images as https: which solved all images EXCEPT the store logo that is set via settings.

Running Opencart v2.2 with multi-stores from https://www.labeshops.com which has links to all my stores.

Image


User avatar
Expert Member

Posts

Joined
Thu Aug 04, 2011 4:41 am
Location - Florida, USA

Post by Randem » Wed Jan 27, 2016 9:12 am

Yes, set all references to HTTP to be HTTPS in the config.php files.

Other relevant info - http://www.randemsystems.com/support/op ... cart-v2-x/

NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart


User avatar
Active Member

Posts

Joined
Sat Sep 27, 2014 9:17 am

Post by labeshops » Wed Jan 27, 2016 9:24 am

Randem wrote:Yes, set all references to HTTP to be HTTPS in the config.php files.

Other relevant info - http://www.randemsystems.com/support/op ... cart-v2-x/
I cannot do that as not all of my multistores use SSL right now. My main 12 do , the other 11 do not. So I cannot have everything show as https:

Running Opencart v2.2 with multi-stores from https://www.labeshops.com which has links to all my stores.

Image


User avatar
Expert Member

Posts

Joined
Thu Aug 04, 2011 4:41 am
Location - Florida, USA

Post by Randem » Wed Jan 27, 2016 9:37 am

That makes no sense. you can't have 11 stores on one OpenCart system, it only supports 4 stores. And those stores that use SSL should be paired with others that do and the same with non SSL stores. In your case, you have a configuration design issue not specifically an OpenCart one.

Are you saying the all your stores resolve to one IP address?

NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart


User avatar
Active Member

Posts

Joined
Sat Sep 27, 2014 9:17 am

Post by labeshops » Wed Jan 27, 2016 8:40 pm

Randem wrote:That makes no sense. you can't have 11 stores on one OpenCart system, it only supports 4 stores. And those stores that use SSL should be paired with others that do and the same with non SSL stores. In your case, you have a configuration design issue not specifically an OpenCart one.

Are you saying the all your stores resolve to one IP address?
I have no idea why you think opencart only supports 4 stores - it does not. You can have as many multi-stores in opencart as you want. I originally had about 35 but have since paired down to 23. You can select each store setting some to use SSL and some to not use SSL, again no problem. See my signature links. All run from my 1 opencart installation which is at labeshops.com with an SSL certificate installed and set up for my main stores right now - I'll expand and pay the additional eventually to have them all SSL, but as some are newer stores without as much traffic/sales, they don't have them yet.

Running Opencart v2.2 with multi-stores from https://www.labeshops.com which has links to all my stores.

Image


User avatar
Expert Member

Posts

Joined
Thu Aug 04, 2011 4:41 am
Location - Florida, USA

Post by Randem » Thu Jan 28, 2016 2:50 am

You are correct , it does support more than 4 but if you mix and match SSL / no SSL you are bound to have problems since all the stores need to resolve to the same IP address. That is just a management nightmare as you can see... Yes, you can select SSL and non SSL per store but remember just because you can do something does not mean that you should... and in this case you shouldn't.

NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart


User avatar
Active Member

Posts

Joined
Sat Sep 27, 2014 9:17 am

Post by labeshops » Thu Jan 28, 2016 3:43 am

Thanks, but the only issue I have is the logo not showing https: which was my original question.

Multistores all resolve to the same IP anyway since the only ip used is the domain it is installed on with multistores really just being "virtual" stores. So that is a non-issue.

Running Opencart v2.2 with multi-stores from https://www.labeshops.com which has links to all my stores.

Image


User avatar
Expert Member

Posts

Joined
Thu Aug 04, 2011 4:41 am
Location - Florida, USA

Post by Randem » Thu Jan 28, 2016 4:12 am

OpenCart delivers mixed content on some pages and the only way to stop it is to force one protocol. If you do not then there is nothing you can do aside from changing code in several places which is yet another nightmare or following correct procedures which is much simpler.

NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart


User avatar
Active Member

Posts

Joined
Sat Sep 27, 2014 9:17 am

Post by labeshops » Sat Jan 30, 2016 1:16 am

I finally resolved this (with the help of evolve) by putting an absolute path in the config file instead of the dynamic one I was trying to use and had seen suggested elsewhere in the forums.

No problem with ssl or non-ssl stores on the same configuration, either. Eventually all my stores will be ssl enabled, but while some are still in the earlier stages, I find it not necessary to spend the extra money on the certificate.

Running Opencart v2.2 with multi-stores from https://www.labeshops.com which has links to all my stores.

Image


User avatar
Expert Member

Posts

Joined
Thu Aug 04, 2011 4:41 am
Location - Florida, USA

Post by Randem » Sat Jan 30, 2016 4:44 am

labeshops,

I have never heard of putting a dynamic or relative path in the config.php file. Where did you get that advice?
BTW: There is a problem with mixing SSL and NON-SSL stores but it is just one you don't care about yet :)

NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart


User avatar
Active Member

Posts

Joined
Sat Sep 27, 2014 9:17 am

Post by labeshops » Sat Jan 30, 2016 7:06 am

Don't remember now, it was somewhere here in the forums and used $server instead of www.yourdomain.com in the path.

Running Opencart v2.2 with multi-stores from https://www.labeshops.com which has links to all my stores.

Image


User avatar
Expert Member

Posts

Joined
Thu Aug 04, 2011 4:41 am
Location - Florida, USA

Post by Randem » Sat Jan 30, 2016 7:35 am

Yes, I can see why it would be thought of as to work but you need the home path and the $_SERVER['DOCUMENT_ROOT'] parameter for the config.php files would work in most cases but not in the store URL. This would be a disaster...

NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart


User avatar
Active Member

Posts

Joined
Sat Sep 27, 2014 9:17 am

Post by EvolveWebHosting » Sat Jan 30, 2016 8:42 am

Just wanted to clarify the comments about the Dedicated IP address and the different SSL Certificates.

It used to be that cPanel would only support 1 Dedicated IP address and 1 SSL certificate per account and the workaround was the use of a UCC certificate to support multiple SANs.

Now, if the hosting provider is staying up to date with current cPanel releases, a single cPanel account can have 1 Dedicated IP address and multiple certificates installed. This means you could now have 2 or more Non UCC certificates installed on one cPanel account.

Randem, I notice you're reselling GoDaddy hosting and they use a mix of Windows and Linux servers and only some of the Linux servers use cPanel and I don't know how up to date they keep the software.

To fix the HTTPS logo issue for Labeshops, the HTTP and HTTPS sections both needed to have the 's' added after http in both config files.

Image
https://www.evolvewebhost.com
$10.49 .com Registration and $9.99 .com Transfers in now
Guaranteed top level opencart performance and support. Risk free 30 day money back guarantee & free transfers.
Image


User avatar
Active Member

Posts

Joined
Fri Mar 27, 2015 11:13 pm
Location - Denver, Colorado, USA

Post by Randem » Sat Jan 30, 2016 8:58 am

EvolveWebHosting wrote:Randem, I notice you're reselling GoDaddy hosting and they use a mix of Windows and Linux servers and only some of the Linux servers use cPanel and I don't know how up to date they keep the software.
I am confused, what does this have to do with anything??????

NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart


User avatar
Active Member

Posts

Joined
Sat Sep 27, 2014 9:17 am

Post by EvolveWebHosting » Sat Jan 30, 2016 9:39 am

That you could be offering Plesk or a different version of cPanel or an entirely different control panel that supports different features. I didn't look into the specific details.

Image
https://www.evolvewebhost.com
$10.49 .com Registration and $9.99 .com Transfers in now
Guaranteed top level opencart performance and support. Risk free 30 day money back guarantee & free transfers.
Image


User avatar
Active Member

Posts

Joined
Fri Mar 27, 2015 11:13 pm
Location - Denver, Colorado, USA

Post by Randem » Sat Jan 30, 2016 9:46 am

EvolveWebHosting wrote:That you could be offering Plesk or a different version of cPanel or an entirely different control panel that supports different features. I didn't look into the specific details.
I still don't see how this pertains? I never offered anyone anything.

NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart


User avatar
Active Member

Posts

Joined
Sat Sep 27, 2014 9:17 am
Who is online

Users browsing this forum: No registered users and 6 guests