Ben224 Posted October 28, 2013 Share Posted October 28, 2013 Hi I have had customers unable to complete checkout due to Captcha not loading. I have replicated the issue in both Explorer 10 and Explorer 9. I only see the title 'Verify you're Human' but no text field or image to verify. All working fine in Firefox, Safari and Chrome. My checkout is HTTPS. I have searched the problem online and I think it may be connected to having a secure page but thats as far as I have got. Loosing sales as customers using explorer cant get past Captcha. Can anyone help? Many thanks in advance Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted October 28, 2013 Share Posted October 28, 2013 Hi Has this ever worked with IE or is this a recent problem - if so what changes have happened recently. I see you have a bespoke version of a standard skin - have you tried using a standard unmodified version of that or any other standard skin - most problems like this are due to poorly coded 3rd party skins or changes to standard skins Thanks Ian Quote Link to comment Share on other sites More sharing options...
Ben224 Posted October 28, 2013 Author Share Posted October 28, 2013 Hi Has this ever worked with IE or is this a recent problem - if so what changes have happened recently. I see you have a bespoke version of a standard skin - have you tried using a standard unmodified version of that or any other standard skin - most problems like this are due to poorly coded 3rd party skins or changes to standard skins Thanks Ian Hi Ian, This has worked before atleast I have never had any complaints before. No changes to the underlying code on this page just a few minor CSS modifications thats it and these were done a while back so no apparent connection. IE throws up a notice sayng it will on show secure parts of the page which is essentially everything but the captcha which makes me think this it is HHPS related. Thanks for responding. Quote Link to comment Share on other sites More sharing options...
Al Brookbanks Posted October 28, 2013 Share Posted October 28, 2013 Hi Ben, It may be caused by a bad SSL config. I haven't seen issues around the recapcha image before and IE. Does our demo store work for you as this has SSL configured too? If you can tell me your standard and SSL domain I can tell you what the settings should be. If you want to do this privately please raise a technical support ticket with admin and FTP access. Quote Link to comment Share on other sites More sharing options...
Ben224 Posted October 28, 2013 Author Share Posted October 28, 2013 Hi Al thanks for your response, I've checked the demo it's running fine. I guess this is a bad SSL config. I have replicated the problem on all of my sites pages that run captcha i.e. Register, Checkout and Contact. Would a bad SSL config not also cause a problem in other browsers? All but IE 10 and 9 browsers function normally. Many thanks Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted October 28, 2013 Share Posted October 28, 2013 Hi Ben The Google Chrome developers console is very useful for diagnosing website related issues and certainversions of Chrome are more picky with things like incorrectly configured SSL but never seen problems with the reCaptcha image before and it could be that the SSL itself isnt installed correctly. Every client hosted with us uses a SSL as do a lot of CubeCart users on other hosting companies and obviously IE 9 and 10 are both extremely common browsers so dont believe that this is a general CubeCart issue but without knowing the url it is impossible to say anything more - if Al is looking at this via a ticket then sure he will find the solution but if you need help on the hosting side then let me know Thanks Ian Quote Link to comment Share on other sites More sharing options...
Ben224 Posted October 28, 2013 Author Share Posted October 28, 2013 Thanks Ian, I've had my hosting company check out my SSL config they are happy with all the settings. So now I'm stuck! It's working fine on every browser except Explorer which I really cant ignore as most of my visitors use IE. Any more ideas out there? Thanks again. Quote Link to comment Share on other sites More sharing options...
Al Brookbanks Posted October 29, 2013 Share Posted October 29, 2013 We were referring the the SSL config in CubeCart not your hosting setup. Quote Link to comment Share on other sites More sharing options...
Ben224 Posted October 29, 2013 Author Share Posted October 29, 2013 Thanks for clarifying. So in fact I should be looking at the SSL tab in my admin panel? This is what I have set up: Enable SSL : YES Force SSL mode on all pages: NO SSL root path: / SSL Store URL: https://www.jgduywffwdfdufblabla.co.uk Standard Store URL: http://www.jgduywffwdfdufblabla.co.uk When I FTP into my root folder I see the SSL folder. Hosting guys say the SSL is up and running as it should be. Does the above look correct? Is there somewhere else I should be looking? Thanks guys. Quote Link to comment Share on other sites More sharing options...
Al Brookbanks Posted October 29, 2013 Share Posted October 29, 2013 Hi Ben. You seen an SSL folder?! If you hosting have given you a separate directory for SSL tell them its no good. CubeCart MUST only operate from one directory. They need to configure SSL and standard pages to operate from the main "public_html", "htdocs" or {whatever its called} folder. Those settings look correct otherwise. Quote Link to comment Share on other sites More sharing options...
Ben224 Posted October 29, 2013 Author Share Posted October 29, 2013 Thanks I'll contact them again and post a follow up. Quote Link to comment Share on other sites More sharing options...
Al Brookbanks Posted October 29, 2013 Share Posted October 29, 2013 I'm surprised some hosting companies still do this. It basically means you can only serve static content or make the entire site under SSL which is resource intensive. Most stores use a mix of SSL and standard pages as does CubeCart. Quote Link to comment Share on other sites More sharing options...
Ben224 Posted October 29, 2013 Author Share Posted October 29, 2013 Hi Al, The response from my hosting company is where exactly do I want the SSL folder to reside. I'm a little out of my depth here so forgive my overall lack of understanding. Correct me if I am wrong but I think you are saying the SSL folder needs to be reconfigured to reside within the Public_html folder which essentially means it needs to be with all the other Cubecart files? Can I drop the file in manually via my FTP program or is that a too simplistic approach and more is required. Thanks for your patience. Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted October 29, 2013 Share Posted October 29, 2013 Ben What hosting control panel are you using ? cPanel for example stores most of the ssl certificate files in a directory called ssl in the root folder above public_html and that is normal. Do not move any ssl directory and certainly dont put it within the public_html folder. It is difficult helping in a forum like this without more detailed information but are the domain paths that you gave earlier correct ie https://www.jgduywffwdfdufblabla.co.uk or is that just rubbish that you put to hide your true domain ? The settings you gave above from within CubeCart admin look fine Thanks Ian Quote Link to comment Share on other sites More sharing options...
Ben224 Posted October 29, 2013 Author Share Posted October 29, 2013 Hi Ian, Using Cpanel and the certificates appear to be above or outside of Public_Html in a separate SSL folder as you have said. Yes ignore the URL its just a fictitious example. Now I am confused. Are you and AL saying the same thing and I am just misinterpreting the message here? Thanks for your help again. Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted October 29, 2013 Share Posted October 29, 2013 Hi No, Al and I are saying different things but I have just PM'd you with some specific questions Thanks Ian Quote Link to comment Share on other sites More sharing options...
Ben224 Posted October 29, 2013 Author Share Posted October 29, 2013 Thanks Ian, Al, Is it worth me re-installing the Cubecart pages that control Captcha just to rule out any possible file corruption issues and such like. Can you guys point me in the right direction on this? Many thanks, appreciate all your input so far. Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted October 29, 2013 Share Posted October 29, 2013 If you have made no changes to any of the files then you can simply re-upload all of them for your release ! Quote Link to comment Share on other sites More sharing options...
Al Brookbanks Posted October 29, 2013 Share Posted October 29, 2013 I agree with Ian. Just upload the default files over the existing ones excluding the setup folder. Quote Link to comment Share on other sites More sharing options...
Ben224 Posted October 29, 2013 Author Share Posted October 29, 2013 I'd prefer to overwrite just the files that could possibly be effecting this issue specifically. Can you help in targeting these files? Thanks Ian. Quote Link to comment Share on other sites More sharing options...
Ben224 Posted October 29, 2013 Author Share Posted October 29, 2013 Thanks Al, I cant overwrite everything as there are changes here and there to skin files but none that effect the pages that use the Captcha facility. Can you narrow down possible culprits that may be worth overwriting? Many thanks Quote Link to comment Share on other sites More sharing options...
Al Brookbanks Posted October 29, 2013 Share Posted October 29, 2013 Why not take a backup. Overwrite, see if that works and then revert. If overwrite works we know a file customisation is to blame. Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted October 29, 2013 Share Posted October 29, 2013 If you had taken (or can rename now) the skin that you have modified (which you should always do to stop upgrades over-writing changes) and you hadnt made any changes to the core files then there is no danger in uploading all files. Trying to over-write a few files is a lot of unnecessary work that is likely to cause a lot of problems Quote Link to comment Share on other sites More sharing options...
bsmither Posted October 29, 2013 Share Posted October 29, 2013 Would you please do this for us: On the page where you know you should be seeing a reCaptcha form, have the browser show you the page's source code. Somewhere there should be this statement:<script type="text/javascript" src="https://www.google.com/recaptcha/api/challenge?k=#hash#"></script> <noscript> .... </noscript> Also, make sure the first line is simply <!DOCTYPE html> In the file, includeslibrecaptcharecaptchalib.php, line 74, set skiplog to false for the next few tests. Also. make sure lines 38-40 look like (they have been this since 2011):define("RECAPTCHA_API_SERVER", "http://www.google.com/recaptcha/api"); define("RECAPTCHA_API_SECURE_SERVER", "https://www.google.com/recaptcha/api"); define("RECAPTCHA_VERIFY_SERVER", "www.google.com"); In the /cache/ folder, delete any file that has the word 'request' as part of the filename. In your IE browser, go to Internet Options, Security, and click on "Restricted Sites". Make sure that www.google.com is not in the list. Test by requesting a page with a reCaptcha on it. Any difference? Find a utility that will take note of all the browser request/response traffic (I think IE has a F12-Debug?). Once the page comes in from your CubeCart site, there should quickly follow a GET for the google.com reCaptcha. Then, after most of your skin's images have been fetched, there should be a series of seven additional requests to google.com/recaptcha. If those eight total GETs don't happen, IE is not trusting google.com. You may have to force the situation by using the <noscript> iframe method. CubeCart loads the skin template variable 'DISPLAY_RECAPTCHA' in these places (line numbers approximate): catalogue.class.php: 304 cubecart.class.php: 987, 1273, 2280, 2443 Quote Link to comment Share on other sites More sharing options...
Ben224 Posted October 29, 2013 Author Share Posted October 29, 2013 Hi Bsmither, Thanks for looking at this. I follow you to an extent and I have done what you suggest - I think! I get some debugging results back from our contact us page, the results of which are a series of the following line some referring to jquery as shown and others referring to various images. The images are endorsements that feature on my site and don't reside my server. SEC7111: HTTPS security is compromised by http://ajax.googleapis.com/ajax/libs/jqueryui/1/themes/redmond/jquery-ui.css contact-us.html Does this give you anything to go on? Many thanks Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.