SHTML Wrapper 500 server error on Chrome

I once again deleted everything but I had incremental back-ups. The last one was from 10 October. That one had 95% of what I had today.

I restored that one and I STILL got that error. On my quest to figure out what is going on I noticed this:
// HTTPS
define('HTTPS_SERVER', 'http://www.store.com/store/admin/');
define('HTTPS_CATALOG', 'http://www.store.com/store/');

in the config files.

Notice no "S"?

So I put the S in there and for right now the problem disappeared...... now why it wasn't https, I don't know but I am 95% sure I told the last install to use SSL when I installed it.

We shall see once again as I delay my store for another 7 days as I test.

Well, 03rd through 14th it worked, then wham -- again. (Bear in mind that SSL protecting admin can halt it, but you're throwing 500.) Something else may be going on behind your back. Initially take a quick look at permissions (755 dirs, 644 files, look also in particular at .htaccess and both config.php), at timestamps (on both index.php), at /download/ (nothing weird?), and for any .dirname/ (DOT) directories. In particular, misfit .htaccess and php.ini files can throw 500 (quick fix is just to revert). If no problems are there, then the worst is probably not going on. If there are problems in those, then look at the rest below.

At http://forum.opencart.com/viewtopic.php?f=20&t=98644 you will read four pages of security concerns, through the more recent virulence of some of them at http://forum.opencart.com/viewtopic.php ... 60#p440953 . You'll see an overview of steps to take at http://forum.opencart.com/viewtopic.php ... 15#p434919 and you'll see an overview of why below that at http://forum.opencart.com/viewtopic.php ... 15#p435318 .

I'll do that if it happens again. Right now I don't see anything odd with the files or permissions. Download disable was one of the extensions I used and I also renamed the directory right off.
Lets see what happens next.....

Good on /download/ and permissions. Whatever causes each good configuration to go belly up is intermittent, raising the possibility of outside influence, so for the time being keep an eye on permissions (any 777 or .dirname/ will be a red flag), and look for any oddly named .php files -- default.php, grocery.php (no kidding), etc., notably 29-34 kb or about 75-77 kb.