HostMonster Web Hosting Help

OSCommerce will not keep my sessions between HTTP and HTTPS.


When I try to log into my OSCommerce shopping cart using url, my shopping cart isn't the same. It is as though I have 2 carts, one for HTTP (unsecure) and one for HTTPS (secure).


This is a problem with the cookie settings. These are easy to fix with a simple change in the includes/configure.php file. For this example, I will be using the url.

Note: You may replace this url with any secure path you are currently using.

Edit the configure.php file located in the includes directory for your OSCommerce install. For this example it is:

  • ~/public_html/catalog/includes

I have 5 lines in the configure.php file which I am concerned with:

  • define('HTTP_SERVER', ''); // eg, http://localhost - should not be empty for productive servers
  • define('HTTPS_SERVER', ''); // eg, https://localhost - should not be empty for productive servers
  • define('ENABLE_SSL', true); // secure webserver for checkout procedure?
  • define('HTTP_COOKIE_DOMAIN', '');
  • define('HTTPS_COOKIE_DOMAIN', '');

The third line defines that when you are dealing with checking out and account configuration, it uses a secure link. All other links will be unsecure. You want to make sure that the HTTP_SERVER and HTTPS_SERVER domain names are equal to the HTTP_COOKIE_DOMAIN and HTTPS_COOKIE_DOMAIN setting as well. You will notice you do not include the "https" or the "~username" or any other folders at all, just the domain name.

With these settings, your viewers will have a seamless transition between secure and non-secure sites.

Knowledgebase Article 59,055 views bookmark tags: ssl (updated 2198 days ago)

Was this resource helpful?

Did this resolve your issue?

Please add any other comments or suggestions about this content:

Recommended Help Content

How do I Install and Configure the Agora Shopping Cart? (updated 161 days ago)
Knowledgebase Article 156,910 views tags: agora cart shopping

What payment gateways are supported by the Agora Shopping Cart? (updated 2176 days ago)
Knowledgebase Article 92,256 views tags: agora cart shopping

This article will show a way to protect specific pages of your website with SSL. This may have benefits for SEO and can be used on pages that contain forms, shopping carts or any other page where users might enter sensitive information. (updated 165 days ago)
Knowledgebase Article 3,023 views tags: htaccess pages specific ssl

Related Help Content

How to renew an existing SSL certificate--or purchase a new one, within your cPanel (updated 251 days ago)
Knowledgebase Article 60,809 views tags: cert certificate layer secure security socket ssl

An overview of what shopping carts are available and why you would want to use one. (updated 820 days ago)
Knowledgebase Article 20,047 views tags:

General Information about SSL Certificates (updated 207 days ago)
Knowledgebase Article 182,881 views tags: accept card cert certs credit ecommerce encryption layer online payments secure shopping socket

How do I log into cPanel securely? (updated 2197 days ago)
Knowledgebase Article 105,664 views tags: access account control cpanel log login panel secure

Where do I get a copy of the site seal for my SSL I purchased through HostMonster? (updated 1168 days ago)
Knowledgebase Article 184,896 views tags: cert image logo seal secure ssl

Images in the Agora shopping cart not showing or showing broken link images. (updated 2191 days ago)
Knowledgebase Article 91,615 views tags: agora cart images

Instructions for how to log into webmail securely (updated 173 days ago)
Knowledgebase Article 125,357 views tags: login secure webmail

When you try to use over a secure form it will tell you that email it sends will not be encrypted. (Happens more often with Firefox) (updated 2190 days ago)
Knowledgebase Article 63,622 views tags: form secure