logo
Welcome to our new AbleCommerce forums. As a guest, you may view the information here. To post to this forum, you must have a registered account with us, either as a new user evaluating AbleCommerce or an existing user of the application. For all questions related to the older version of Gold and earlier, please go to AbleCommerce Gold forum. Please use your AbleCommerce username and password to Login. New Registrations are disabled.

Notification

Icon
Error

Options
Go to last post Go to first unread
Katie S  
#1 Posted : Friday, October 27, 2023 3:32:44 PM(UTC)
Katie S

Rank: Advanced Member

Groups: System, Administrators, Developers, Registered, HelpDesk
Joined: 10/29/2018(UTC)
Posts: 472

Thanks: 4 times
Was thanked: 34 time(s) in 33 post(s)
IMPORTANT UPDATE: New Issue with Chrome and older AbleCommerce Stores

DETAILS:

The problem happens in the older versions of AbleCommerce where there is a mix of non-SSL and SSL pages. Chrome forces the SSL version which sends AbleCommerce into an infinite redirect because the code is forcing the non-SSL version. The result is that any non-SSL page (such as the home page) will not load.

WHO IS AFFECTED?

This is a new issue that is affecting ALL versions of AbleCommerce 7 and AbleCommerce versions Gold R1 through Gold R10.

If you are running AbleCommerce Gold R11 or higher, you should not be affected by the change as long as you have your entire site SSL enabled.

FIX FOR ABLECOMMERCE GOLD R10 and below

Disable SSL:
1. Login to AbleCommerce Admin
2. Go to Configure > Security > General page
3. Uncheck the SSL Enabled box and Save.

4. Backup and open the web.config in the root of the store/website. Make the following changes:

AFTER THIS LINE:

Code:
<urlCompression doStaticCompression="true" />


ADD THIS BLOCK OF CODE:
Code:

	<rewrite>
            <rules>
		<rule name="Redirect to Default Page" stopProcessing="true"> 				
		    <match url="^$" /> 				
			<action type="Rewrite" url="/default.aspx" /> 			
	        </rule> 			
                <rule name="HTTP to HTTPS Redirect" stopProcessing="true">
                    <match url="^(default.aspx|AboutUs.aspx|ContactUs.aspx|Basket.aspx|Search.aspx|.+?-C\d+\.aspx|.+-P\d+C\d+\.aspx)$" />
                    <conditions>
                        <add input="{HTTPS}" pattern="on" />
                    </conditions>
                    <action type="Redirect" url="http://{HTTP_HOST}/{R:0}" redirectType="Permanent" />
                </rule>
            </rules>
        </rewrite>


JUST BEFORE THIS LINE:

Code:
</system.webServer>



FIX FOR ABLECOMMERCE 7

1. Backup and open the web.config in the root of the store/website. Make the following change.

AFTER THIS LINE:

Code:
<urlCompression doStaticCompression="true" />



ADD THIS BLOCK OF CODE:

Code:
	<rewrite>
            <rules>
                <rule name="HTTP to HTTPS Redirect" stopProcessing="true">
                    <match url="^(default.aspx|AboutUs.aspx|ContactUs.aspx|Basket.aspx|.+?-C\d+\.aspx|.+-P\d+C\d+\.aspx)$" />
                    <conditions>
                        <add input="{HTTPS}" pattern="on" />
                    </conditions>
                    <action type="Redirect" url="http://{HTTP_HOST}/{R:0}" redirectType="Permanent" />
                </rule>
            </rules>
        </rewrite>


JUST BEFORE THIS LINE:

Code:
	</system.webServer>



2. Save and test the website.

Edited by user Wednesday, February 7, 2024 1:13:36 PM(UTC)  | Reason: Not specified

Thanks for your support!

Katie
Secure eCommerce Software and Hosting
thanks 1 user thanked Katie S for this useful post.
MaximillianC on 2/7/2024(UTC)

Wanna join the discussion?! Login to your AbleCommerce Forums forum account. New Registrations are disabled.

MaximillianC  
#2 Posted : Wednesday, February 7, 2024 1:43:14 PM(UTC)
MaximillianC

Rank: Member

Groups: Developers
Joined: 6/4/2020(UTC)
Posts: 16

Thanks: 5 times
Katie,

Thanks for posting this fix. It looks like this fix basically works by overriding the JavaScript redirects that AC Gold is doing, which Chromium can't detect (so it can't prevent the resulting redirect loops), with HTTP redirects, which Chromium can detect, and therefore will honor... does that sound correct?

The only thing is, we want our entire AC Gold R6 site to use HTTPS, including the home page. Is there a way to get AC Gold versions prior to R11 to do the entire site in HTTPS? Does turning off the "SSL Enabled" functionality in AC just disable the SSL redirecting completely? If so, would we then be able to use IIS URL Rewrite to just rewrite all HTTP requests to the site to be HTTPS?

Thanks again!

Edited by user Wednesday, February 7, 2024 1:43:54 PM(UTC)  | Reason: Not specified

Users browsing this topic
Guest
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.