Shopping Cart not entering SSL

sean_nwfs · March 07, 2016, 17:41:53 PM

I am running VM 3.0.12 on Joomla 3.4.8 and for some reason our cart page isn't entering SSL. If someone gets to our catalog via a direct link and doesn't go through our menu then the catalog is displayed in HTTP. When they select items to add to cart and then view the cart it should show the cart in SSL. We have the expected SSL boxes checked in VM (Enable SSL for sensitive areas (recommended)) and the menu items are set to secure. I even added a hidden menu item "View Cart" and set that to secure as well.

How can I force our cart to display as SSL? Shouldn't it be doing this with these settings automatically? Seems like this could be a PCI problem.

GJC Web Design · March 07, 2016, 23:25:10 PM

you have a valid ssl cert and https works correctly when you manually access it?

sean_nwfs · March 08, 2016, 00:24:50 AM

Yes. It works fine when I navigate to a page manually with https. It has been verified by the web host.

GJC Web Design · March 08, 2016, 00:31:55 AM

tried without sef enabled as a test?

sean_nwfs · March 08, 2016, 01:41:13 AM

SEF off does not fix the problem. It still shows the spot to enter the credit card in the cart and the cart page isn't secure.

Jörgen · March 08, 2016, 08:13:21 AM

Hello

Have You set Force SSL in Joomla NOT VM?

regards

Jörgen @ Kreativ Fotografi

sean_nwfs · March 08, 2016, 18:08:51 PM

Jörgen,
We have a lot of print material and automatically generated links that point to specific menu items (hidden and not) that would break if we force SSL for the whole site. This doesn't work for us. I'd rather make an effort to get the cart working as intended before we do a drastic step like this.

Studio 42 · March 09, 2016, 00:01:00 AM

Hi,
I think only some specific links don't use SSL in your case. So check what are this links (modal box for eg) and send back your exact problem.
If you have correctly set menu, only some direct link to cart can have bad http links.
If this is from modal,then change the code generating this links in core. Or add this in the bug report forum section.Because to solve some problem, i know that the modal link are raw links and don't use standard joomla SEF.

Milbo · March 10, 2016, 19:27:05 PM

Just use the last version, we fixed that around january

sean_nwfs · March 10, 2016, 22:37:01 PM

I am currently running VirtueMart 3.0.12. I don't see a newer version. Where would I update this?

GJC Web Design · March 10, 2016, 23:04:19 PM

I assume Max means http://dev.virtuemart.net/attachments/download/992/com_virtuemart.3.0.13.6_extract_first.zip

sean_nwfs · March 11, 2016, 00:04:16 AM

It is working better but if someone is in the "View Cart" link it still doesn't force HTTPS. http://symptopro.org/view-cart.html The non-sef cart link does force SSL. I have the view cart link as a hidden menu item and the Metadata tab option for "Secure" is set to "On" but it doesn't force it. All my other links appear to be forcing SSL. This is much better but I would like to figure out how to force this link.

jenkinhill · March 11, 2016, 00:06:14 AM

.htaccess ?

Studio 42 · March 11, 2016, 00:10:46 AM

If you use external link, this is not always converted by Joomla.
So use menu link type > alias and use your hidden cart link as source, or for internal PHP code, use jRoute.
You can add in .htaccess redirection 301 for the other cases(external link).

sean_nwfs · March 11, 2016, 20:11:28 PM

I am using the menu link type> Virtuemart Cart vs an external link. I'll see about trying the .htaccess redirect and let you know.

News:

Shopping Cart not entering SSL