Ecommerce Templates > PHP Version Help > Setting up on a secure server

Setting up on a secure server

When using the Capture Card method, authorize.net AIM Method or PayPal PayFlow Pro, the checkout portion of the process take place on a secure server. There are two methods of doing this. One is to have a secure certificate installed on your web. (Your host can tell you if this is possible with your hosting plan). This means that you can access your web using both non secure (http) and secure (https) methods. For instance both these URLs would be valid...
http://www.yourstoreurl.com/products.php
https://www.yourstoreurl.com/products.php

If you enable a payment method that does require the checkout on a secure server, then the second stage of checkout will automatically switch to a secure server.

One thing to note is that if you are on an https connection and then click on say the link to the categories.asp page, you will remain on the https connection which is not really desirable. To overcome this you can make all your links absolute. For instance, don't link to categories.php but rather link to http://www.yourstoreurl.com/categories.php

Using a shared SSL certificate

Some hosting providers may provide shared space on their secure server. Generally this is a cheaper option as you don't have to purchase your own secure certificate, but it is a bit more difficult to set up.

The first thing you must make sure of is that you can access your database from both the secure and the non-secure areas. Your host can tell you if this is possible when you contract the secure space.

You will need to make a copy to your secure area of the thanks.php and cart.php pages. Also, you will need any images from your images directory that are used by these pages, the .css file and the whole vsadmin directory on the secure space. Make sure the database connection is set correcly in db_conn_open.php.

Now make sure the HTTPS Store URL in the main admin settings page is correct.
As above, remember to make links in your site absolute to make sure that your customers do not get stuck on the secure portion of your site.

Please do read our guide here on credit card fraud.

That's all there is to it really - any comments on the set up can be posted on our Support Forum.