HostMonster Web Hosting Help

OSCommerce will not keep my sessions between HTTP and HTTPS.


When I try to log into my OSCommerce shopping cart using url, my shopping cart isn't the same. It is as though I have 2 carts, one for HTTP (unsecure) and one for HTTPS (secure).


This is a problem with the cookie settings. These are easy to fix with a simple change in the includes/configure.php file. For this example, I will be using the url.

Note: You may replace this url with any secure path you are currently using.

Edit the configure.php file located in the includes directory for your OSCommerce install. For this example it is:

  • ~/public_html/catalog/includes

I have 5 lines in the configure.php file which I am concerned with:

  • define('HTTP_SERVER', ''); // eg, http://localhost - should not be empty for productive servers
  • define('HTTPS_SERVER', ''); // eg, https://localhost - should not be empty for productive servers
  • define('ENABLE_SSL', true); // secure webserver for checkout procedure?
  • define('HTTP_COOKIE_DOMAIN', '');
  • define('HTTPS_COOKIE_DOMAIN', '');

The third line defines that when you are dealing with checking out and account configuration, it uses a secure link. All other links will be unsecure. You want to make sure that the HTTP_SERVER and HTTPS_SERVER domain names are equal to the HTTP_COOKIE_DOMAIN and HTTPS_COOKIE_DOMAIN setting as well. You will notice you do not include the "https" or the "~username" or any other folders at all, just the domain name.

With these settings, your viewers will have a seamless transition between secure and non-secure sites.

Knowledgebase Article 57,791 views bookmark tags: ssl (updated 2103 days ago)

Was this resource helpful?

Did this resolve your issue?

Please add any other comments or suggestions about this content:

Recommended Help Content

How do I Install and Configure the Agora Shopping Cart? (updated 66 days ago)
Knowledgebase Article 154,460 views tags: agora cart shopping

What payment gateways are supported by the Agora Shopping Cart? (updated 2081 days ago)
Knowledgebase Article 91,341 views tags: agora cart shopping

This article will show a way to protect specific pages of your website with SSL. This may have benefits for SEO and can be used on pages that contain forms, shopping carts or any other page where users might enter sensitive information. (updated 71 days ago)
Knowledgebase Article 1,291 views tags: htaccess pages specific ssl

Related Help Content

How to renew an existing SSL certificate--or purchase a new one, within your cPanel (updated 156 days ago)
Knowledgebase Article 55,278 views tags: cert certificate layer secure security socket ssl

An overview of what shopping carts are available and why you would want to use one. (updated 725 days ago)
Knowledgebase Article 18,548 views tags:

General Information about SSL Certificates (updated 113 days ago)
Knowledgebase Article 172,697 views tags: accept card cert certs credit ecommerce encryption layer online payments secure shopping socket

How do I log into cPanel securely? (updated 2102 days ago)
Knowledgebase Article 102,104 views tags: access account control cpanel log login panel secure

Where do I get a copy of the site seal for my SSL I purchased through HostMonster? (updated 1073 days ago)
Knowledgebase Article 181,659 views tags: cert image logo seal secure ssl

Images in the Agora shopping cart not showing or showing broken link images. (updated 2096 days ago)
Knowledgebase Article 90,615 views tags: agora cart images

Instructions for how to log into webmail securely (updated 78 days ago)
Knowledgebase Article 120,388 views tags: login secure webmail

When you try to use over a secure form it will tell you that email it sends will not be encrypted. (Happens more often with Firefox) (updated 2096 days ago)
Knowledgebase Article 62,480 views tags: form secure