1. Overview
CubeCart is dependant on the server letting it know when SSL it enabled for secure padlocked pages. It then decides if the page should be under SSL or not and redirects accordingly. It does this by checking the following server PHP variables to see if the page is loaded under SSL or not. If it matches any one of them it knows the page is secure.
Variable | Value | Type |
---|---|---|
HTTPS | true | boolean |
HTTPS | Isn't "off" | string |
HTTPS | "on" | string |
SERVER_PORT | 443 | integer |
If the page is under SSL and none of those values are found it will continue trying to redirect to the same page until the browser exceeds the amount of times it will allow redirection to the same URL.
Fixing this depends on your hosting provider and seeing if there are any PHP server variables that can be used for detection. You can compare server variables by creating a PHP file on the server and loading it up under SSL and standard page loads.
var_dump($_SERVER);
?>
It's important to refresh the page a few times to make sure the identified variable remains constant on each page load.
2. Overriding the default SSL detection code
You can write your own code to detect SSL by creating a file in the root folder of your store with the name "ssl-custom.inc.php". If this files exists CubeCart will load it up when initializing and use your code instead of its own. Below is an example which is required for gridhost.co.uk hosting customers.
if($_SERVER['HTTP_X_FORWARDED_PROTO'] == "https"){
define('CC_SSL', true); // Page has been loaded under SSL
} else {
define('CC_SSL', false); // Page has NOT been loaded under SSL
}
?>
If you have found this useful and have made specific code for your hosting provider, we would be garetful if you can share them in the comments section below.
Comments
0 comments
Please sign in to leave a comment.