There are several things to check, and the suggestions below are in order of likelihood of a result:
Stuff you can do:1. Is your domain www. or non-www and are these correct in your admin/includes/configure.php & /includes/configure.php files?
2. If your Store is in a subdirectory (eg /catalog) then the first lines of admin/inc/configure should work like this:
Code:
define('HTTP_SERVER', 'https://www.yourstore.com'); // eg, http://localhost - should not be empty for productive servers
define('HTTP_CATALOG_SERVER', 'https://www.yourstore.com');
define('HTTPS_CATALOG_SERVER', 'https://www.yourstore.com');
define('HTTPS_SERVER', 'www.yourstore.com'); // eg, https://localhost - should not be empty for productive servers
define('HTTPS_ADMIN_SERVER', 'https://www.yourstore.com/catalog/admin');
define('HTTP_COOKIE_DOMAIN', 'www.yourstore.com');
define('HTTPS_COOKIE_DOMAIN', 'www.yourstore.com');
define('HTTP_COOKIE_PATH', '/catalog/');
define('HTTPS_COOKIE_PATH', '/catalog/');
And the catalog/includes/configure.php like this:
Code:
define('HTTP_SERVER', 'http://www.yourstore.com'); // eg, http://localhost - should not be empty for productive servers
define('HTTPS_SERVER', 'https://www.yourstore.com'); // eg, https://localhost - should not be empty for productive servers
define('ENABLE_SSL', true); // secure webserver for checkout procedure?
define('HTTP_COOKIE_DOMAIN', 'www.yourstore.com');
define('HTTPS_COOKIE_DOMAIN', 'www.yourstore.com');
define('HTTP_COOKIE_PATH', '/catalog/');
define('HTTPS_COOKIE_PATH', '/catalog/');
define('DIR_WS_HTTP_CATALOG', '/catalog/');
define('DIR_WS_HTTPS_CATALOG', '/catalog/');
>>> Otherwise if it is in the root directory (eg /public_html or /httpdocs) then admin/inc/configure should work like this:
Code:
define('HTTP_SERVER', 'https://www.yourstore.com'); // eg, http://localhost - should not be empty for productive servers
define('HTTP_CATALOG_SERVER', 'https://www.yourstore.com');
define('HTTPS_CATALOG_SERVER', 'https://www.yourstore.com');
define('HTTPS_SERVER', 'www.yourstore.com'); // eg, https://localhost - should not be empty for productive servers
define('HTTPS_ADMIN_SERVER', 'https://www.yourstore.com/admin');
define('HTTP_COOKIE_DOMAIN', 'www.yourstore.com');
define('HTTPS_COOKIE_DOMAIN', 'www.yourstore.com');
define('HTTP_COOKIE_PATH', '');
define('HTTPS_COOKIE_PATH', '');
And the catalog/includes/configure.php like this:
Code:
define('HTTP_SERVER', 'http://www.yourstore.com'); // eg, http://localhost - should not be empty for productive servers
define('HTTPS_SERVER', 'https://www.yourstore.com'); // eg, https://localhost - should not be empty for productive servers
define('ENABLE_SSL', true); // secure webserver for checkout procedure?
define('HTTP_COOKIE_DOMAIN', 'www.yourstore.com');
define('HTTPS_COOKIE_DOMAIN', 'www.yourstore.com');
define('HTTP_COOKIE_PATH', '');
define('HTTPS_COOKIE_PATH', '');
define('DIR_WS_HTTP_CATALOG', '');
define('DIR_WS_HTTPS_CATALOG', '');
3. In Admin/Configuration/Sessions, all should be = False except for Prevent Spider Sessions = True
Things your Hosting company needs to help with:4. Have a word with your hosting company ... did they install a shared SSL cert or are you using a dedicated SSL? What domain settings have they used and do these match 1. above?
5. Are they running a php extension called suhosin and is this setting suhosin.session.cryptdocroot = Off?
Suhosin is usually found here: /etc/php5/conf.d/suhosin.ini (you probably won't be able to access this, but they can)
Simon
FAQ
Search