I just moved a couple of stores from one linux server to another. Both of them are giving me a redirect loop when I try to access a secure page. Both are set up like this:
$config['http_host'] = 'www.domain.com';
$config['http_path'] = '/store';
$config['https_host'] = 'secure.domain.com';
$config['https_path'] = '/store';
Old Server: RHEL 4 / Apache 2.0.64 / PHP 5.3.16
New Server: CentOS 5 / Apache 2.2.23 / PHP 5.3.22
Any clues why this might be happening?
Does the secure subdomain use the same document root? Your error_log may give some clues too. On my CentOS box, if I uncomment “Rewrite Base /” in .htaccess I get redirect loops, no problems with this line commented out however.
Yes it does. And, I can access non-cscart pages on my site using the https://secure.domain.com, so it's definitely a CS-Cart issue.
That shouldn't be happening, the .htaccess and CS-Cart in the root should prevent being able to access other pages unless they are in a seperate subfolder with overriding .htaccess rules.
My store is in a /store subdirectory. I can securely access other pages outside that /store subdirectory. The configuration of my site didn't change from one server to another.
I highly recommend that you create a new cpanel account for 'store.domain.com'.
Not only is this better from an SEO perpective, it's even better for security - further any .htaccess rules for 'domain.com' don't interfere with the store (like they are now).
I figured it out. I had to add the following line to both the /.htaccess and /store/.htaccess files:
SetEnvIf X-Forwarded-Proto https HTTPS=on