Hi I have 1.5.6.4 installed and also have SSL installed everything is secure and working fine appart from the cart:
Voucher
Coupon
Refresh (to update any items in cart from 1 to 2)
when anything is entered in these fields I get an error in firefox
"Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.
Are you sure you want to continue sending this information?"
The cart shows HTTPS but for some reason no coupons, no vouchers and quantities cant be added/updated.
Tested on 2 computers and also in safari too
any help please on what needs editing?
Thanks
Jason
What's the site URL? If you don't want to give out the URL, use whynopadlock.com to debug it.jasong wrote:bump
any idea what section of the opencart files I should look at?
DL
This account is inactive. Look for us under the name 'EvolveWebHosting' and contact us under that username.
Thanks!
My website contains adult toys so if offended please don't view.
www.thenaughtybunny.co.uk
add anything to basket > top right click basket > view cart > on qantity update button throws unsecure error
coupon and voucher also does the same if you type anything in the field.
My store is secure and my host is also confused as to why its not working too. Would it be worth my time buying a checkout extension if it fixes the issue?
Thank you
Jason
www.thenaughtybunny.co.uk
add anything to basket > top right click basket > view cart > on qantity update button throws unsecure error
coupon and voucher also does the same if you type anything in the field.
My store is secure and my host is also confused as to why its not working too. Would it be worth my time buying a checkout extension if it fixes the issue?
Thank you
Jason
Why are you forcing SSL for every single page? I've checked the cart and checkout pages and there are no errors in terms of the padlock. Is the attached what you're seeing for the error? If it is, try the default theme and if that error doesn't show, you need to contact the developer of your theme. I can't find any other security error on the site.jasong wrote:I have just found out that its not just the cart page, my contact us page also does the same thing, no message is sent and pressing continue throws the unsecure page and clears all boxes
DL
Attachments
Screen Shot 2014-05-17 at 7.51.40 AM.png (34.96 KiB) Viewed 2980 times
This account is inactive. Look for us under the name 'EvolveWebHosting' and contact us under that username.
Thanks!
Yes thats the warning I see, and the action thats preformed isn't registered and cleared due to security warning.
My host set up the SSL, the issues are with the pages that should be secure too
I tested defult and the issue still shows, just cant see why these very different buttons are throwing security risks. Could it be my SSL just doesn't like opencart? COMODO CA limited is the company, my feelings are its something very simple thats been missed.
Site full tested to voucher, coupon, refesh buttons in cart and contact us continue button
My host set up the SSL, the issues are with the pages that should be secure too
I tested defult and the issue still shows, just cant see why these very different buttons are throwing security risks. Could it be my SSL just doesn't like opencart? COMODO CA limited is the company, my feelings are its something very simple thats been missed.
Site full tested to voucher, coupon, refesh buttons in cart and contact us continue button
No that won't do the trick.jasong wrote:Would the issue resove itself if I buy a checkout extension and a contact extension?
DL
This account is inactive. Look for us under the name 'EvolveWebHosting' and contact us under that username.
Thanks!
I was thinking about the forced SSL, what code would I have to imput to only have SSL show on account creation and checkout, maybe the error would go from the contact page and the cart page. I have been knocking my head off a wall for the last week as this error is a mystery for anyone I have asked.
Thank you
Jason
Thank you
Jason
More than likely you have code in a .htaccess file forcing SSL on every single page. To make the standard pages (account, checkout) SSL, you only edit the 2 config files and select the radio button to use SSL.jasong wrote:I was thinking about the forced SSL, what code would I have to imput to only have SSL show on account creation and checkout, maybe the error would go from the contact page and the cart page. I have been knocking my head off a wall for the last week as this error is a mystery for anyone I have asked.
Thank you
Jason
DL
This account is inactive. Look for us under the name 'EvolveWebHosting' and contact us under that username.
Thanks!
Thank you, I spoke to my host today and they can't help anymore as they don't know how to configure it, they just said I need to add the code myself, but I have no idea
I have this code entered in my .htaccess file
this is my config file, I tried adding onto the HTTPS_SERVER', 'https://www.thenaughtybunny.co.uk/ with HTTPS_SERVER', 'https://www.thenaughtybunny.co.uk/account/register but page doesn't load correctly
and this is my admin/config file
any help please I just want the checkout page and the account creation page to be protected, as SSL on all pages doesn't work with - contact us page or voucher/coupon/refesh buttons on my cart page
I have this code entered in my .htaccess file
Code: Select all
# SEO URL Settings
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]Code: Select all
<?php
// HTTP
define('HTTP_SERVER', 'http://www.thenaughtybunny.co.uk/');
define('HTTP_IMAGE', 'http://www.thenaughtybunny.co.uk/image/');
define('HTTP_ADMIN', 'http://www.thenaughtybunny.co.uk/admin/');
// HTTPS
define('HTTPS_SERVER', 'https://www.thenaughtybunny.co.uk/');
define('HTTPS_IMAGE', 'https://www.thenaughtybunny.co.uk/image/');Code: Select all
<?php
// HTTP
define('HTTP_SERVER', 'http://www.thenaughtybunny.co.uk/admin/');
define('HTTP_CATALOG', 'http://www.thenaughtybunny.co.uk/');
// HTTPS
define('HTTPS_SERVER', 'https://www.thenaughtybunny.co.uk/admin/');
define('HTTPS_CATALOG', 'https://www.thenaughtybunny.co.uk/');
define('HTTPS_IMAGE', 'https://www.thenaughtybunny.co.uk/image/');This code doesn't belong at all:
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
After that, are you trying to create the non www to www redirect?
DL
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
After that, are you trying to create the non www to www redirect?
DL
This account is inactive. Look for us under the name 'EvolveWebHosting' and contact us under that username.
Thanks!
Yup that would be weird but I'm glad you got it sorted out.jasong wrote:OMG I could kiss you but that would be wierd haha, it all works,thank you so much! no more unsecure errors
Tested and so far all works perfectly
Thank you for helping me
DL
This account is inactive. Look for us under the name 'EvolveWebHosting' and contact us under that username.
Thanks!
Who is online
Users browsing this forum: Google [Bot] and 22 guests
