HostMonster Web Hosting Help

OSCommerce will not keep my sessions between HTTP and HTTPS.

Problem:

When I try to log into my OSCommerce shopping cart using https://secure.HostMonster.com/~username url, my shopping cart isn't the same. It is as though I have 2 carts, one for HTTP (unsecure) and one for HTTPS (secure).

Solution:

This is a problem with the cookie settings. These are easy to fix with a simple change in the includes/configure.php file. For this example, I will be using the https://secure.HostMonster.com/~username url.

Note: You may replace this url with any secure path you are currently using.

Edit the configure.php file located in the includes directory for your OSCommerce install. For this example it is:

  • ~/public_html/catalog/includes

I have 5 lines in the configure.php file which I am concerned with:

  • define('HTTP_SERVER', 'http://www.domain.com'); // eg, http://localhost - should not be empty for productive servers
  • define('HTTPS_SERVER', 'https://secure.HostMonster.com/~username'); // eg, https://localhost - should not be empty for productive servers
  • define('ENABLE_SSL', true); // secure webserver for checkout procedure?
  • define('HTTP_COOKIE_DOMAIN', 'www.domain.com');
  • define('HTTPS_COOKIE_DOMAIN', 'secure.HostMonster.com');

The third line defines that when you are dealing with checking out and account configuration, it uses a secure link. All other links will be unsecure. You want to make sure that the HTTP_SERVER and HTTPS_SERVER domain names are equal to the HTTP_COOKIE_DOMAIN and HTTPS_COOKIE_DOMAIN setting as well. You will notice you do not include the "https" or the "~username" or any other folders at all, just the domain name.

With these settings, your viewers will have a seamless transition between secure and non-secure sites.

Knowledgebase Article 58,529 views bookmark tags: ssl (updated 2161 days ago)


Was this resource helpful?

Did this resolve your issue?


Please add any other comments or suggestions about this content:





Recommended Help Content

How do I Install and Configure the Agora Shopping Cart? (updated 123 days ago)
Knowledgebase Article 155,883 views tags: agora cart shopping

What payment gateways are supported by the Agora Shopping Cart? (updated 2140 days ago)
Knowledgebase Article 91,866 views tags: agora cart shopping

This article will show a way to protect specific pages of your website with SSL. This may have benefits for SEO and can be used on pages that contain forms, shopping carts or any other page where users might enter sensitive information. (updated 128 days ago)
Knowledgebase Article 2,343 views tags: htaccess pages specific ssl

Related Help Content

How to renew an existing SSL certificate--or purchase a new one, within your cPanel (updated 214 days ago)
Knowledgebase Article 58,536 views tags: cert certificate layer secure security socket ssl

An overview of what shopping carts are available and why you would want to use one. (updated 784 days ago)
Knowledgebase Article 19,384 views tags:

General Information about SSL Certificates (updated 170 days ago)
Knowledgebase Article 178,769 views tags: accept card cert certs credit ecommerce encryption layer online payments secure shopping socket

How do I log into cPanel securely? (updated 2160 days ago)
Knowledgebase Article 104,238 views tags: access account control cpanel log login panel secure

Where do I get a copy of the site seal for my SSL I purchased through HostMonster? (updated 1130 days ago)
Knowledgebase Article 183,533 views tags: cert image logo seal secure ssl

Images in the Agora shopping cart not showing or showing broken link images. (updated 2154 days ago)
Knowledgebase Article 91,184 views tags: agora cart images

Instructions for how to log into webmail securely (updated 136 days ago)
Knowledgebase Article 123,369 views tags: login secure webmail

When you try to use HostMonster.com over a secure form it will tell you that email it sends will not be encrypted. (Happens more often with Firefox) (updated 2154 days ago)
Knowledgebase Article 63,132 views tags: form secure