Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

Redirect loop with ssl Rate Topic   - - - - -

 
  • a1wells1
  • Junior Member
  • Members
  • Join Date: 09-Feb 10
  • 3 posts

Posted 09 February 2010 - 03:23 AM #21

Not to convolute this thread, but I am also experiencing the same redirect loop as clayhenry. My host doesn't require separate folders for secure / non-secure content, and my SSL cert is for "www.wordybird.com"... And I have CS Cart installed in the root of my web folder (/html)

My config file looks like the following:

// Host and directory where software is installed on no-secure server
$config['http_host'] = 'www.wordybird.com';
$config['http_path'] = '';
// Host and directory where software is installed on secure server
$config['https_host'] = 'www.wordybird.com';
$config['https_path'] = '';

Whenever I try to access a CS Cart page, I get the infinite redirect loop. I have a regular index.html file in the same root directory (acting as a temporary splash page) that can be accessed with https://www.wordybird.com/ without any redirect loops or problems. That tells me that the SSL is configured and working properly, and that something within CS Cart is forcing the redirect loop. The redirect loop for secure pages within CS Cart happens regardless of whether I have the SSL checkboxes enabled in Administration-> Settings -> General

My only thought... when I applied for my trial license, I submitted my domain as "wordybird.com" not "www.wordybird.com" Which is what I am now using... Would that somehow matter or cause this redirect loop to happen?

Example URLs:
http://www.wordybird.com/index.php (works just fine)
https://www.wordybird.com/index.php (infinite redirect loop)
https://www.wordybird.com/index.html (splash page that works fine with SSL)

Any and all help would be greatly appreciated... So far I have loved everything about CS-Cart with this one problem being the exception. This is make or break for my purchasing CS Cart.

Thank you in advance!

 
  • indy0077
  • Senior Member
  • Banned
  • Join Date: 03-Nov 09
  • 1431 posts

Posted 09 February 2010 - 03:41 AM #22

My only thought... when I applied for my trial license, I submitted my domain as "wordybird.com" not "www.wordybird.com" Which is what I am now using... Would that somehow matter or cause this redirect loop to happen?

Example URLs:
http://www.wordybird.com/index.php (works just fine)
https://www.wordybird.com/index.php (infinite redirect loop)
https://www.wordybird.com/index.html (splash page that works fine with SSL)

Any and all help would be greatly appreciated... So far I have loved everything about CS-Cart with this one problem being the exception. This is make or break for my purchasing CS Cart.


1) As first, I would delete your "splash" index page.
2) The license will be issued for the domain name, then it doesn't matter if www or not
3) In my post above you can see that it works fine. There are not any htaccess hacks or some unusually settings on the server.

But I think, if you send a message to CS-Cart as a potentially customer and explain your problem, they will help you.
.
CS-Cart Professional €160.00 | CS-Cart Multi-Vendor €625.00 | CS-Cart Hosting | SSL Certificates
.
CS-Cart Optimized Servers *** USA & UK VPS Servers

 
  • a1wells1
  • Junior Member
  • Members
  • Join Date: 09-Feb 10
  • 3 posts

Posted 09 February 2010 - 05:10 AM #23

1) As first, I would delete your "splash" index page.
2) The license will be issued for the domain name, then it doesn't matter if www or not
3) In my post above you can see that it works fine. There are not any htaccess hacks or some unusually settings on the server.

But I think, if you send a message to CS-Cart as a potentially customer and explain your problem, they will help you.


Thanks Indy.

Removing the splash page has no effect on the SSL redirect loop (tried that already)
I have already opened a ticket, so I am hoping that they can help resolve the issue or can point me in the right direction. As of right now, I don't have any ideas on how to resolve it.
If anyone else has any ideas, I would love to hear them.

Thanks!

 
  • clayhenry
  • Junior Member
  • Members
  • Join Date: 07-Feb 10
  • 13 posts

Posted 11 February 2010 - 03:31 AM #24

I have changed my web host... it fixed the issue. From what I would assume it must be an IP issue. Make sure your dedicated IP is configured correctly and you run the whole website off it (both secure sections and non-secure).

...this is my best guess

 
  • frank551
  • Junior Member
  • Members
  • Join Date: 02-Feb 10
  • 13 posts

Posted 12 February 2010 - 07:10 PM #25

I'm using Mediatemple and I'm getting a redirect loop too. I was overzealous and applied the security setting to the admin page, and now I can't do anything to change it.

I have a SSL cert for the domain setup, and have used it with other carts in subdomains, so I know that's not an issue.

Any help!?!?

www.kegcowboy.com/cscartbeta

edit: I also tried running the phpmyadmin query I found on another thread to reset the admin to nonsecure, and despite clearing cookies, it's still redirecting to https. Still locked out!

edit: ok, I got into the right part of the database, and I'm no longer locked out of admin. SSL is still not working though.

 
  • clayhenry
  • Junior Member
  • Members
  • Join Date: 07-Feb 10
  • 13 posts

Posted 22 February 2010 - 01:12 AM #26

I was with MT as well... it appears to be a server config issue.

 

Posted 29 July 2010 - 06:17 PM #27

Hey folks,

I'm from (mt) Media Temple tech support and came across this thread. Hopefully I can offer some insight as to the problem and provide a solution to this.

The redirect issue while using SSL connections is generally related to how our (gs) Grid-Service defines HTTP_HOST. The HTTP_HOST variable over SSL would be defined as domain.com:443 rather than just domain.com. This can causes CS-Cart's 'REAL_HOST' variable to be used incorrectly. For example, it'll try to redirect to:

https://domain.com - > https://domain.com:443/index.php - > https://domain.com:443/index.php -> redirect loop/fail

Other non (mt) users could see similar problems if their host configures their servers in a similar fashion.

The fix is very simple, we need to just edit prepare.php and replace a single instance of HTTP_HOST (which can carry the :443 suffix over SSL) with SERVER_NAME (which will always be domain.com/www.domain.com regardless of connection type).

Just follow these steps:

1) FTP into your server

2) Locate the file 'prepare.php' (for (mt) users, generally this is located in /home/####/domains/domain.com/html/prepare.php)

3) Download the file, make a backup

4) Edit the file using a plaintext text editor such as notepad

5) Replace the following line:

define('REAL_HOST', $_SERVER['HTTP_HOST']);

With:

define('REAL_HOST', $_SERVER['SERVER_NAME']);

6) Re-upload and overwrite prepare.php

7) Fixed!

As always, (mt) Media Temple customers have 24/7 phone and ticket support. If you need assistance, feel free to call us at 1-877-578-400. Just reference this support request as the solution so your support staff doesn't have to re-invent the wheel so to speak! :)

Hope this helps.

-Daniel
http://mediatemple.net

 
  • ibizo
  • Member
  • Authorized Reseller
  • Join Date: 10-Jul 12
  • 39 posts

Posted 13 March 2017 - 01:29 PM #28

There is mistake in the kb docs as allways!!
 
 
If you want to activate secure connection for all urls, you need to only enable "Keep HTTPS connection once a secure page is visited"
 
not to enable Enable secure connection at checkout, Enable secure connection in the administration panel, Enable secure connection for authentication, profile and orders pages
 
because if you enable all those options, there is loop
 
just for your info :)


 
  • CS-Cart team
  • CS-Cart support team
  • Moderators
  • Join Date: 04-Apr 11
  • 3810 posts

Posted 13 March 2017 - 02:05 PM #29

 

There is mistake in the kb docs as allways!!
 
 
If you want to activate secure connection for all urls, you need to only enable "Keep HTTPS connection once a secure page is visited"
 
not to enable Enable secure connection at checkout, Enable secure connection in the administration panel, Enable secure connection for authentication, profile and orders pages
 
because if you enable all those options, there is loop
 
just for your info :)

 

 

Redirect loop is always caused by server side issues.

 

There are two most common situations:

 

1. SSL certificate is missing on the server or is not configured properly and server redirects from HTTPS to HTTP. In This case if you enable secure connection in CS-Cart, CS-Cart will redirect to HTTPS and server will redirect back to HTTPS. This will cause redirect loop.

 

2. There is a redirect to HTTPS on the server. In this case if secure connection is not enabled in CS-Cart settings, CS-Cart will redirect to HTTP and server will redirect back to HTTPS. This will also cause a redirect loop.

 

We also suggest to use the new documentation (http://docs.cs-cart.com) instead of KB, unless you are on some old CS-Cart branch.


Sincerely yours, CS-Cart Support Team

 

User guide       |  Developer documentation  |  Core API documentation


 
  • markhedley
  • Advanced Member
  • Trial users
  • Join Date: 19-Nov 16
  • 129 posts

Posted 13 March 2017 - 05:11 PM #30

Redirect loop is always caused by server side issues.

 

 

Not always ;-) can be caused by bad coding as well. Never forget PEBCAK ;-)



 
  • ibizo
  • Member
  • Authorized Reseller
  • Join Date: 10-Jul 12
  • 39 posts

Posted 14 March 2017 - 01:00 PM #31

Redirect loop is always caused by server side issues.

 

There are two most common situations:

 

1. SSL certificate is missing on the server or is not configured properly and server redirects from HTTPS to HTTP. In This case if you enable secure connection in CS-Cart, CS-Cart will redirect to HTTPS and server will redirect back to HTTPS. This will cause redirect loop.

 

2. There is a redirect to HTTPS on the server. In this case if secure connection is not enabled in CS-Cart settings, CS-Cart will redirect to HTTP and server will redirect back to HTTPS. This will also cause a redirect loop.

 

We also suggest to use the new documentation (http://docs.cs-cart.com) instead of KB, unless you are on some old CS-Cart branch.

 

 

In this case, your kb docs are with mistake.. when all the options that are writen in your docs are active there are redirect loops.

 

We test on 5 active cs-cart stores!! No Bad Config!!

 

Just for other user if they try to add https to entire store, just to activate Keep HTTPS connection once a secure page is visited, because if they activate and the other options, the php fn redirect makes loop!!

I know, that the kb docs are out of date, but will make owners life easy, if make correction there.. in time like this a lot of stores migrate to https...



 
  • CS-Cart team
  • CS-Cart support team
  • Moderators
  • Join Date: 04-Apr 11
  • 3810 posts

Posted 15 March 2017 - 06:13 AM #32

In this case, your kb docs are with mistake.. when all the options that are writen in your docs are active there are redirect loops.

 

We test on 5 active cs-cart stores!! No Bad Config!!

 

Just for other user if they try to add https to entire store, just to activate Keep HTTPS connection once a secure page is visited, because if they activate and the other options, the php fn redirect makes loop!!

I know, that the kb docs are out of date, but will make owners life easy, if make correction there.. in time like this a lot of stores migrate to https...

 

Enabling secure connection in CS-Cart admin panel should not cause such problems.

 

The problem requires examination on your server. Please contact us via Customer Help Desk and provide temporary access to your server by clicking on the Add record  link on the Access information page of your Help Desk account so that we could examine the issue.


Sincerely yours, CS-Cart Support Team

 

User guide       |  Developer documentation  |  Core API documentation