Show Posts


Messages - Thumper

Pages: [1]
1
Security / Re: SSL Certificate showing mixed usage content
« on: June 25, 2016, 03:56:09 PM »
Fixed with the new installation. Thank you for the support. I am live with it.

2
General Support / Re: Contact Us not showing in Context menu
« on: June 25, 2016, 03:53:33 PM »
Fixed! Thank you for the support.

3
General Support / Re: Contact Us not showing in Context menu
« on: June 24, 2016, 03:52:58 PM »
Lee...See my personal message to you.

4
General Support / Re: Contact Us not showing in Context menu
« on: June 24, 2016, 08:26:59 AM »
Yes...I understand that it's a form. But I'm asking how I can get the form onto the Contact Us page? With all the other content information (About Us, Privacy Policy, Return Policy, etc.) I can apply a form in the Layout tab of the Content Manager. My problem is that Contact Us is NOT in the Content Manager as a choice! I even tried adding a new Contact Us item in the Content Manager but I then ended up with two "Contact Us" links.

I'm asking where in the Content Manager, or elsewhere, is the Contact Us  content so I can work with it?

5
General Support / Contact Us not showing in Context menu
« on: June 23, 2016, 10:34:33 PM »
I just installed AbanteCart without the sample data. It was actually a second installation after I had some issues with the first installation. With the first installation I DID install with the sample data and had no issues with the Contact Us form and content.

My issue with this second installation is that the Contact Us link is showing in the Content Menu but it is not showing in the Content Manager. The issue I have with this is that the "Contact Us" page only shows the company name, address and phone numbers but I can't get the "Contact Us" form in there. Since it doesn't show in the Content Menu, I can't link the form to the Layout for the Contact Us Title in the Content Manager.

I have attached three images which show the Contact Us link, the Content Menu and the Contact Us page. The Contact Us page has been redacted but that's all that shows on the page. There is no Contact Us form.

6
Security / Re: XSS Vulnerability Fix v1.15 to v1.2.7
« on: June 23, 2016, 04:43:27 PM »
I have downloaded and updated the request.php file as indicated. Why does the message keep popping up as a new message in my admin portal? Can something be done to stop it since it is not a new message and I have taken care of it?

7
Security / Re: SSL Certificate showing mixed usage content
« on: June 22, 2016, 10:30:08 AM »
It has not been an SSL certificate issue. I have multiple certificates on multiple sites, for two other Zen Cart installs and several other secure web-based database applications I have written. All work perfectly both in root domains and in sub-domains. That also doesn't explain why none of my product images, which did work for several days, suddently stopped appearing, even though they were in the resource library.

I decided to give AbanteCart one more try and have installed it on a separate root domain I own (as opposed to a sub-folder/sub-domain of my main domain which I have always done) that is database software related to a specific genre. As before, it installed without any issues. The missing product images has not appeared again, but then again it didn't for a few days on my previous install) and everything is fine so far. I had been waiting for the SSL certificate to propagate and just prior to my writing this post, it had come up and the page is coming up as a secure page (so far).

I'm going to wait a few days while testing it to make sure everything stays as it is now, remembering that I had issues other than the SSL certificate with the last installation. If it does, I will go live with it.

Thanks to all for your help and suggestions.

8
Security / Re: SSL Certificate showing mixed usage content
« on: June 21, 2016, 01:53:28 PM »
Quote
Is the "insecure endpoint" on another installation?
No, it is not.

Quote
Are you loading any images on this page?
The only images being loaded are the product images, which show on the main page, as well as the company logo. Both of these, I would imagine, would be allowed for in AbanteCart.

I replaced the init.php with the uploaded version posted by Abolabo but that made things even worse. With the newer version of init.php the cart and payment pages wouldn't open properly. Once I switched back to my original init.php they opened normally.

Then things got even weirder. The page worked perfectly for approximately two hours the other day (security and everything else) but right after that the same security issue popped up again and additionally now the product images stopped showing on the main page (I did nothing different).

Actually, the point is moot now as I was spending way too much time on something that should work with no issues. Although I would like to stay with AbanteCart, I must remain with Zen Cart for now. I have no security issues with it and everything works as it should, although I like the AbanteCart interface much better (as well as the HTML receipts and notices).

Wish I could stay with AbanteCart but too many things broken in it with regard to standard items such as SSL certificates and product images.

9
Security / Re: SSL Certificate showing mixed usage content
« on: June 10, 2016, 06:54:36 PM »
@abolabo - I found on the page where it show the <base href... but shouldn't that be set properly by the AbanteCart Admin settings? As shown in my last post, I do have SSL enabled and have the proper settings for the http and https fields.

10
Security / Re: SSL Certificate showing mixed usage content
« on: June 10, 2016, 06:04:58 PM »
Yes...as stated several times above, I do indeed have SSL enabled (see attached screen shot).
Where is <base href="I can't post external links-Frustrating!"> showing (which file) and where in AbanteCart would I change this?

11
Security / Re: SSL Certificate showing mixed usage content
« on: June 09, 2016, 12:15:41 PM »
shop.datasoftware.net, with the files being present in datasoftware.net/shop

12
Security / Re: SSL Certificate showing mixed usage content
« on: June 09, 2016, 09:34:54 AM »
@ llegrand - Yes, I do have the Store URL and the Secure Store URL set appropriately and correctly. Thanks for the link for the handy tool. That did give me a lot of insight.

@ Basara - I did a basic installation of AbanteCart into mydomain.com/shop because I have other important business related pages under the root domain. The only changes made were text changes in "About Us", the "Main Page" welcome information and the product information. To be able to set a Subject Alternative Name in my GoDaddy UCC SSL certificate I had to set a domain name, thus the shop.mydomain.com name.

When I ran the "whynopadlock" utility, it gave me 57 insecure items, all of them in basic installed files (graphic files like png and jpg and many css files), which I have not altered in any way. (see below - NOTE: I couldn't post external links so I had to change everything to non-links. Add the http and https + mydomain,com in front of the shop folder.)

Total number of items: 94
Number of insecure items: 57

Insecure URL: /shop/storefront/view/default/stylesheet/bootstrap.min.css
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/stylesheet/flexslider.css
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/stylesheet/onebyone.css
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/stylesheet/font-awesome.min.css
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/stylesheet/fonts.google.css
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/stylesheet/style.css
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery-1.11.0.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery-migrate-1.2.1.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/resources/image/18/79/e.jpg
Found in: shop.mydomain.com

Insecure URL: /shop/resources/image/18/76/2.jpg
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/image/banner_image_1.png
Found in: shop.mydomain.com

Insecure URL: /shop/image/thumbnails/18/7a/IICM_jpg-100260-250x250.jpg
Found in: shop.mydomain.com

Insecure URL: /shop/image/thumbnails/18/7a/LEOTrakPremium_jpg-100259-250x250.jpg
Found in: shop.mydomain.com

Insecure URL: /shop/image/thumbnails/18/7a/LEOTrakAdvanced_jpg-100258-250x250.jpg
Found in: shop.mydomain.com

Insecure URL: /shop/image/thumbnails/18/7a/LEOTrakBasic_jpg-100257-250x250.jpg
Found in: shop.mydomain.com

Insecure URL: /shop/image/thumbnails/18/7a/Details_JPG-100256-250x250.jpg
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/image/stars_5.png
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/bootstrap.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/common.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/respond.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery.flexslider.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/easyzoom.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery.validate.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery.carouFredSel.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery.mousewheel.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery.touchSwipe.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery.ba-throttle-debounce.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery.onebyone.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/custom.js
Found in: shop.mydomain.com

Insecure URL: /shop/extensions/banner_manager/storefront/view/default/javascript/banner_manager.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/fonts/glyphicons-halflings-regular.eot
Found in: /shop/storefront/view/default/stylesheet/bootstrap.min.css

Insecure URL: /shop/storefront/view/default/fonts/glyphicons-halflings-regular.eot?
Found in: /shop/storefront/view/default/stylesheet/bootstrap.min.css

Insecure URL: /shop/storefront/view/default/fonts/glyphicons-halflings-regular.woff2
Found in: /shop/storefront/view/default/stylesheet/bootstrap.min.css

Insecure URL: /shop/storefront/view/default/fonts/glyphicons-halflings-regular.woff
Found in: /shop/storefront/view/default/stylesheet/bootstrap.min.css

Insecure URL: /shop/storefront/view/default/fonts/glyphicons-halflings-regular.ttf
Found in: /shop/storefront/view/default/stylesheet/bootstrap.min.css

Insecure URL: /shop/storefront/view/default/fonts/glyphicons-halflings-regular.svg
Found in: /shop/storefront/view/default/stylesheet/bootstrap.min.css

Insecure URL: /shop/storefront/view/default/image/bg_direction_nav.png
Found in: /shop/storefront/view/default/stylesheet/flexslider.css

Insecure URL: /shop/storefront/view/default/image/carousalarrow.png
Found in: /shop/storefront/view/default/stylesheet/flexslider.css

Insecure URL: /shop/storefront/view/default/image/slderleftimg.png
Found in: /shop/storefront/view/default/stylesheet/flexslider.css

Insecure URL: /shop/storefront/view/default/image/banner_shadow.png
Found in: /shop/storefront/view/default/stylesheet/onebyone.css

Insecure URL: /shop/storefront/view/default/image/circles.png
Found in: /shop/storefront/view/default/stylesheet/onebyone.css

Insecure URL: /shop/storefront/view/default/image/back.png
Found in: /shop/storefront/view/default/stylesheet/onebyone.css

Insecure URL: /shop/storefront/view/default/image/forward.png
Found in: /shop/storefront/view/default/stylesheet/onebyone.css

Insecure URL: /shop/storefront/view/default/fonts/fontawesome-webfont.eot?v=4.4.0
Found in: /shop/storefront/view/default/stylesheet/font-awesome.min.css

Insecure URL: /shop/storefront/view/default/fonts/fontawesome-webfont.eot?
Found in: /shop/storefront/view/default/stylesheet/font-awesome.min.css

Insecure URL: /shop/storefront/view/default/fonts/fontawesome-webfont.woff2?v=4.4.0
Found in: /shop/storefront/view/default/stylesheet/font-awesome.min.css

Insecure URL: /shop/storefront/view/default/fonts/fontawesome-webfont.woff?v=4.4.0
Found in: /shop/storefront/view/default/stylesheet/font-awesome.min.css

Insecure URL: /shop/storefront/view/default/fonts/fontawesome-webfont.ttf?v=4.4.0
Found in: /shop/storefront/view/default/stylesheet/font-awesome.min.css

Insecure URL: /shop/storefront/view/default/fonts/fontawesome-webfont.svg?v=4.4.0
Found in: /shop/storefront/view/default/stylesheet/font-awesome.min.css

Insecure URL: /shop/storefront/view/default/image/sprite.png
Found in: /shop/storefront/view/default/stylesheet/style.css

Insecure URL: /shop/storefront/view/default/image/offer.png
Found in: /shop/storefront/view/default/stylesheet/style.css

Insecure URL: /shop/storefront/view/default/image/sale.png
Found in: /shop/storefront/view/default/stylesheet/style.css

Insecure URL: /shop/storefront/view/default/image/new.png
Found in: /shop/storefront/view/default/stylesheet/style.css

Insecure URL: /shop/storefront/view/default/image/rate.png
Found in: /shop/storefront/view/default/stylesheet/style.css

Insecure URL: /shop/storefront/view/default/image/arrowcategory.png
Found in: /shop/storefront/view/default/stylesheet/style.css

Insecure URL: /shop/storefront/view/default/image/footericon.png
Found in: /shop/storefront/view/default/stylesheet/style.css

Insecure URL: /shop/storefront/view/default/image/gotop.png
Found in: /shop/storefront/view/default/stylesheet/style.css

Shouldn't these items be secure items in your basic installation? For what it's worth, and I don't want to switch back, but my ZenCart installation under mydomain/store folder is fully secure with my main domain's SSL certificate which is supposed to cover all folders under the domain. It appears to do that with ZenCart...why not in AbanteCart even with my UCC SSL certificate?

13
Security / SSL Certificate showing mixed usage content
« on: June 08, 2016, 08:19:55 PM »
I really like AbanteCart and have it up and running with no issues....except this one. I am not running AbanteCart out of the root of the domain, but rather in a subdomain "shop.mydomain.com". I have the SSL certificate on that subdomain and AbanteCart compes up however I am showing that it is not secure as it has mixed usage. Note: I do have all the correct settings in the "Systems|Settings|Store Details" and I do have "Use SSL" set to ON.

While I'm fairly sure that the credit card information (using the Stripe extension) would be encrypted, I'm afraid that users of my shop may be concerned (and not purchase) if they don't see the complete padlock...but instead see the padlock with a warning triangle.

What mixed usage/content might there be in AbanteCart? I am using it virtually straight out of the box with only my verbiage and five product images.

Pages: [1]