Unable to 'Act on Behalf Of'


Since I moved web hosting server, when I click on a customer and the 'Act on Behalf of', it fails to log me in on behalf of this customer. Does anyone know if there are any settings I would need to change to get this to work?



Hello Mike,

Thank you for your message.

Most probably, your server works under protection of the Suhosin patch that can be the cause of the problem. Please set the following settings for Suhosin on the server:

suhosin.cookie.cryptua = Off

suhosin.session.encrypt = Off

suhosin.cookie.encrypt = Off

suhosin.session.cryptua = Off

and check the result. You can ask your server administrator to change these settings for you. If it does not help you, please try disabling Suhosin on your server and check the issue once again.

Thank you.

Pavel Zyukin

CS-Cart Support team

Disabling suhosin will make your server less secure, so you host may not allow it.

Thanks for the help, I followed your advice and it solved my problem.

Hello mikee,

You are always welcome.

Pavel Zyukin

CS-Cart Support team

[font=arial,helvetica,sans-serif][size=4]We are using CS Cart Pro 3.06 - a fresh install on a new testing server.[/size][/font]

[font=arial,helvetica,sans-serif][size=4]We have disabled Suhosin and we still cannot 'Act On Behalf Of' any customer. The login profile defaults back to the Admin account we are logging in with.[/size][/font]

[font=arial,helvetica,sans-serif][size=4]Tested on:[/size][/font]

[font=arial,helvetica,sans-serif][size=4]Chrome [color=#303942]26.0.1410.64 m[/color][/size][/font]

[font=arial,helvetica,sans-serif][size=4]IE 9.0.8112[/size][/font]

[font=arial,helvetica,sans-serif][size=4]Firefox 20.0.1[/size][/font]

[font=arial,helvetica,sans-serif][size=4]Safari 5.1.7[/size][/font]

'Act on Behalf Of' works on our current site, which is running CS-CART version 1.3.5-SP4 (yes, it's very out of date)

Any other ideas on this? Our CS Team frequently places orders for customers…

mod_security is blocking the 'fake' cookie which CS-Cart uses to 'act as customer'.

Your sysadmin will be able to see the rule set and whitelist it.


I have uploaded Multivendor version 4.6.3 SP1 on a godaddy server and now am not able to act on behalf of the vendor. Act on behalf of customer is working fine. The server doesn't have mod_security enabled. Any suggestions?