Hi All,
I have a site (http://monteas.co.uk) that has been working fine for two years or so. Last week I changed hosts so I took a cPanel backup and transferred it over to the new host who restored it for me. I then installed a new SSL certificate and all seemed OK.
When I checked the site more carefully I noticed that the SSL padlock wasn't appearing in Safari so I checked in Firefox and got the warning that some content was not secure, namely images, fonts and css files.
There's also a glitch that has appeared since the migration. If I start a new session and add a product to the cart it shows as 1 item and the value by the logo in the top bar as it should. However, if I then click the icon to see the basket contents it says that the cart is empty. I add the product again and it is there in the cart this time, as are all subsequent products which I add.
As these problems seem to have arisen since the change of host can anyone point me to a probable cause before I start poking around? The only difference I am aware of between the old hosting and the new is that the site was previously hosted on a dedicated IP address, it is now on a shared address.
I am using v1.5.6.1 which was installed cleanly and has the Lexus Royal theme applied and several additional modules such as SEO etc.
Thanks in advance,
Dink.
Looks like there are some errors in either config files in root and admin folder, or htaccess is not set up right.
Koeltechnische deurrubbers eenvoudig online op maat bestellen.
Alle niet stekplichtige onderdelen zoals scharnieren, sloten, randverwarming en verlichting voor alle typen koelingen en vriezers.
https://koelcel-onderdelen.com
Thank you for your reply. Is there anything that should be different though after changing from one host to another? I can't imagine anything is directly linked to IP address?? I will take another look through the config files.
Some posts I read where people had similar problems referred to the HTTP_Image parameter in config.php. My config file has never had this but yet the site worked OK. Do I need to add it?
Thanks,
Dink
Some posts I read where people had similar problems referred to the HTTP_Image parameter in config.php. My config file has never had this but yet the site worked OK. Do I need to add it?
Thanks,
Dink
Here's my config.php, I can't see anything wrong in there:
<?php
// HTTP
define('HTTP_SERVER', 'http://monteas.co.uk/');
// HTTPS
define('HTTPS_SERVER', 'https://monteas.co.uk/');
// DIR
define('DIR_APPLICATION', '/home/toveyd/public_html/catalog/');
define('DIR_SYSTEM', '/home/toveyd/public_html/system/');
define('DIR_DATABASE', '/home/toveyd/public_html/system/database/');
define('DIR_LANGUAGE', '/home/toveyd/public_html/catalog/language/');
define('DIR_TEMPLATE', '/home/toveyd/public_html/catalog/view/theme/');
define('DIR_CONFIG', '/home/toveyd/public_html/system/config/');
define('DIR_IMAGE', '/home/toveyd/public_html/image/');
define('DIR_CACHE', '/home/toveyd/public_html/system/cache/');
define('DIR_DOWNLOAD', '/home/toveyd/public_html/download/');
define('DIR_LOGS', '/home/toveyd/public_html/system/logs/');
// DB
define('DB_DRIVER', 'mysql');
define('DB_HOSTNAME', 'localhost');
define('DB_USERNAME', '***********');
define('DB_PASSWORD', '***********');
define('DB_DATABASE', '*************');
define('DB_PREFIX', 'oc_');
?>
and I swapped out my .htaccess file for the untouched one that comes with v1.5.6.1 but that changed nothing. I cleared the page cache after each change and did a force refresh in Firefox but still getting the same problems.
Any further ideas?
Thanks,
Dink
<?php
// HTTP
define('HTTP_SERVER', 'http://monteas.co.uk/');
// HTTPS
define('HTTPS_SERVER', 'https://monteas.co.uk/');
// DIR
define('DIR_APPLICATION', '/home/toveyd/public_html/catalog/');
define('DIR_SYSTEM', '/home/toveyd/public_html/system/');
define('DIR_DATABASE', '/home/toveyd/public_html/system/database/');
define('DIR_LANGUAGE', '/home/toveyd/public_html/catalog/language/');
define('DIR_TEMPLATE', '/home/toveyd/public_html/catalog/view/theme/');
define('DIR_CONFIG', '/home/toveyd/public_html/system/config/');
define('DIR_IMAGE', '/home/toveyd/public_html/image/');
define('DIR_CACHE', '/home/toveyd/public_html/system/cache/');
define('DIR_DOWNLOAD', '/home/toveyd/public_html/download/');
define('DIR_LOGS', '/home/toveyd/public_html/system/logs/');
// DB
define('DB_DRIVER', 'mysql');
define('DB_HOSTNAME', 'localhost');
define('DB_USERNAME', '***********');
define('DB_PASSWORD', '***********');
define('DB_DATABASE', '*************');
define('DB_PREFIX', 'oc_');
?>
and I swapped out my .htaccess file for the untouched one that comes with v1.5.6.1 but that changed nothing. I cleared the page cache after each change and did a force refresh in Firefox but still getting the same problems.
Any further ideas?
Thanks,
Dink
Config files look right.
make sure your config in admin folder looks like this
check ssl is set to on in admin, and clear vqmod cache folder, so all vqmods are reapplyed (folder vqmod/vqcache)
You might consider to change all http sections to go to https also, it will result in your entire site running ssl, so always displaying the padlock, giving instant confidence to your clients, and also gain a advantage in seo
make sure your config in admin folder looks like this
Code: Select all
// HTTP
define('HTTP_SERVER', 'http://monteas.co.uk/admin/');
define('HTTP_CATALOG', 'http://monteas.co.uk/');
// HTTPS
define('HTTPS_SERVER', 'https://monteas.co.uk/admin/');
define('HTTPS_CATALOG', 'https://monteas.co.uk/');You might consider to change all http sections to go to https also, it will result in your entire site running ssl, so always displaying the padlock, giving instant confidence to your clients, and also gain a advantage in seo
Koeltechnische deurrubbers eenvoudig online op maat bestellen.
Alle niet stekplichtige onderdelen zoals scharnieren, sloten, randverwarming en verlichting voor alle typen koelingen en vriezers.
https://koelcel-onderdelen.com
Yep, the admin config file was exactly as you suggested. SSL is enabled in admin and I have tried toggling it a couple of times and clearing the cache etc in between. Cleared the vqmods folder. Unfortunately there's no change.
I have set the whole site to use SSL now and it still throws up 38 unsecured items when checked on whynopadlock.com
Strangely, it flagged the Worldpay and credit card icons which are sourced from Worldpay and have https urls in my code. However in the report from whynopadlock it clearly lists them as having http urls:
Total number of items: 89
Number of insecure items: 38
Insecure URL: http://support.worldpay.com/support/ima ... _debit.gif
Found in: https://monteas.co.uk/
Insecure URL: http://support.worldpay.com/support/ima ... ercard.gif
Found in: https://monteas.co.uk/
Insecure URL: http://monteas.co.uk/catalog/view/theme ... ention.png
Found in: https://monteas.co.uk/system/cache/pavo ... 19968b.css
... etc.
When the code on the site is:
So now I am mighty confused 
I have set the whole site to use SSL now and it still throws up 38 unsecured items when checked on whynopadlock.com
Strangely, it flagged the Worldpay and credit card icons which are sourced from Worldpay and have https urls in my code. However in the report from whynopadlock it clearly lists them as having http urls:
Total number of items: 89
Number of insecure items: 38
Insecure URL: http://support.worldpay.com/support/ima ... _debit.gif
Found in: https://monteas.co.uk/
Insecure URL: http://support.worldpay.com/support/ima ... ercard.gif
Found in: https://monteas.co.uk/
Insecure URL: http://monteas.co.uk/catalog/view/theme ... ention.png
Found in: https://monteas.co.uk/system/cache/pavo ... 19968b.css
... etc.
When the code on the site is:
Code: Select all
<p>
<img alt="Visa Debit payments supported by WorldPay" border="0" class="worldpayImages" src="https://www.worldpay.com/images/cardlogos/visa_debit.gif" />
<img alt="Mastercard payments supported by WorldPay" border="0" class="worldpayImages" src="https://www.worldpay.com/images/cardlogos/mastercard.gif" />
<a href="https://www.worldpay.com/" target="_blank" title="Payment Processing - WorldPay - Opens in new browser window">
<img alt="WorldPay Payments Processing" border="0" class="worldpayImages" src="https://www.worldpay.com/images/poweredByWorldPay.gif" />
</a>
</p>see you found it.
problem was your extra caching system, once you accidently removed the entire folder, and readded folder, it now shows proper https
problem was your extra caching system, once you accidently removed the entire folder, and readded folder, it now shows proper https
Koeltechnische deurrubbers eenvoudig online op maat bestellen.
Alle niet stekplichtige onderdelen zoals scharnieren, sloten, randverwarming en verlichting voor alle typen koelingen en vriezers.
https://koelcel-onderdelen.com
Yes, I think I have nailed it. The clue was the whynopadlock report which gave the resource and the location. The location of all of the items was in /system/cache/...I went and moved all the files in that folder to a temp folder. The site was full of errors but a few hits of the refresh button got it back up again and it now sports the padlock. Clearly, pressing the 'Clear Page Cache' button doesn't clear everything.
I am still confused about the Worldpay logos though. I have commented them out for now as they still break the 100% SSL.
So is it safe to completely delete the contents of the /system/cache folder?
Many thanks for your help
Many thanks for your help
If the worldpay logo is not server through https, it will break the site, in that case just download the logo, and serve it from your own site.
Folder system/cache can be cleared out without anu problem, all files will be regenerated as needed.
Folder system/cache can be cleared out without anu problem, all files will be regenerated as needed.
Koeltechnische deurrubbers eenvoudig online op maat bestellen.
Alle niet stekplichtige onderdelen zoals scharnieren, sloten, randverwarming en verlichting voor alle typen koelingen en vriezers.
https://koelcel-onderdelen.com
I believe that it is part of the Worldpay agreement that the images must be hosted from their site - I will double check that though.
It's just strange that the images worked fine before the migration to the new host and certainly didn't throw the warning. Inspecting the elements in Firebug shows that the URLs are still https after the page has been served but whynopadlock lists them as unsecure.
It's just strange that the images worked fine before the migration to the new host and certainly didn't throw the warning. Inspecting the elements in Firebug shows that the URLs are still https after the page has been served but whynopadlock lists them as unsecure.
If you go to the link, you will see that its not served under ssl from worldpay server, so whynopadlock is informing you right.
just download logos from worldpay, upload them to your image folder and serve them from there.
also information page
https://monteas.co.uk/tea-grading
is not served under ssl, there is a image that is served through http, just correct to https
just download logos from worldpay, upload them to your image folder and serve them from there.
also information page
https://monteas.co.uk/tea-grading
is not served under ssl, there is a image that is served through http, just correct to https
Koeltechnische deurrubbers eenvoudig online op maat bestellen.
Alle niet stekplichtige onderdelen zoals scharnieren, sloten, randverwarming en verlichting voor alle typen koelingen en vriezers.
https://koelcel-onderdelen.com
Many thanks Victor. I have just changed the images so that they are served locally and it is nice to see the green padlock back in place. I had missed the on on the tea grading page though, I'll go and change that now.
All the best,
Dink
All the best,
Dink
Thanks for all contributors for sharing their experiences. I also found some more interesting and visual solution at Youtube channel. You can check this at https://www.youtube.com/watch?v=mbHzjhtxuPw
Yashvardhan Meharotra From VPS hosting India
Who is online
Users browsing this forum: No registered users and 9 guests
