Announcement

**saucysal** · 01-Sep-2015, 08:31 AM

Problem with email?

Yes, it is very slow on Confirm Order/Saving Order. I am thinking this is connected to sending the email. Since removing ssl from the Checkout, in fact since the problem started with the Checkout Monday morning, I have no received my usual copies of the order receipts, suggesting the customers are not getting them either. I don't know why removing ssl will have affected this.

I use Sendgrid for the smtp (smtp.sendgrid.net).

Any suggestions as to why these are connected?

Sarah

**saucysal** · 01-Sep-2015, 08:41 AM

May have sorted

I have found that my doing a purge and refresh yesterday appears to have undone some settings for the sendgrid port in Actinic.pm and in TestSettings.pl. I have re-done these. If that does not work, I shall try changing the port. I have it as 2525, which was working fine with the ssl, but I may need to change it, perhaps to 587. I'll see.

Sarah

**saucysal** · 01-Sep-2015, 08:51 AM

That sorted it

I have put port 2525 back in those two files and the emails are now working and the Confirm Order is quicker. I should have thought of that sooner!

Sarah

**gedgec** · 01-Sep-2015, 11:11 AM

We are having exactly the same issue with our site which we have fixed by disabling SLL. We are also with 1&1.

I would suggest that there is an issue with the 1&1 SSL servers. Have they got back to you yet? We are now calling them.

**guccij** · 01-Sep-2015, 05:02 PM

I think it depends on your sort of package with 1&1. We are also with them and have no problems with SSL. Ours is a dedicated server though.

**saucysal** · 02-Sep-2015, 01:37 PM

1&1 and SSL

On Monday I rang 1and1 who were supposed to be trying to fix theproblem, and told them that I had disabled the ssl in the Checkout and that this sorted it, but I wanted to know why. They looked into it and said that the ssl certificate needed updating, which I did while they where on the phone. It annoyed me that they did not do this automatically, and that customers could not order for 14 hours as they did not find this out.

On Tuesday I re-applied ssl in the Checkout, but got the same 500 error message so had to disable it again, so updating the certificate made no difference. Continuing now without ssl.

I got an email from 1and1 a day after I had solved the problem, telling me that the problem was with the .htaccess file. However, I do not have an .htaccess file in my root directory, so they were wrong, just giving a standard answer as supplied in their FAQ. Not amused.

I have this forum to thank for solving the problem.

Sarah

**malbro** · 02-Sep-2015, 03:46 PM

Originally posted by saucysal View Post

On Monday I rang 1and1 who were supposed to be trying to fix theproblem, and told them that I had disabled the ssl in the Checkout and that this sorted it, but I wanted to know why. They looked into it and said that the ssl certificate needed updating, which I did while they where on the phone. It annoyed me that they did not do this automatically, and that customers could not order for 14 hours as they did not find this out.

On Tuesday I re-applied ssl in the Checkout, but got the same 500 error message so had to disable it again, so updating the certificate made no difference. Continuing now without ssl.

I got an email from 1and1 a day after I had solved the problem, telling me that the problem was with the .htaccess file. However, I do not have an .htaccess file in my root directory, so they were wrong, just giving a standard answer as supplied in their FAQ. Not amused.

I have this forum to thank for solving the problem.

Sarah

1and1 support is notorious for their inability to solve problems, I have two servers with them and have long since given up on using their support. They got short shrift earlier today when they rang me to try to get me to try out some new package.

**Mike Hughes** · 03-Sep-2015, 09:43 AM

B*****ks. It's happening to me now (since sometime yesterday). Was OK when I checked on tuesday.

The problem happens during the bounce to SSL at checkout. Turning off SSL now.

And all working again after an upload.

PITA but I guess that puts an end to me bothering with SSL on checkout.

And my SSL certificate is good until late October so I'd say that's not the problem.

Mike

**zgap111** · 04-Sep-2015, 08:43 AM

Thanks for the posts everyone.. We've just encountered this problem.

Dedicated server = ok
Shared = 500 Error

Any headway with 1and1 on this issue? Should I call them also?

**zgap111** · 04-Sep-2015, 08:48 AM

I found that browsing the site (https://) works, but error comes up when you checkout...

= cgi-bin/scripts problem?

**zgap111** · 04-Sep-2015, 02:08 PM

Now that we've switched off SSL... is there a quick way to check that it's fixed ? (without re-enable & re-upload)

- Without SSL = we did used to get a lot of customers saying there's no padlock, so we prefer to have the SSL enabled on checkout (even though payment is done via Paypal/Sellerdeck Payments)

**Mike Hughes** · 04-Sep-2015, 04:17 PM

It seems to be a problem running the scripts from SSL, possibly because of problems mirroring the cgi-bin.

One way I can make it fail (where I don't think it should) is:

1. Do a quick search on your site for a product
2. On the result page insert https:// before the www. and hit return

If it fails: problem still exists
If it passes: problem has been fixed.

If there's a known site without the problem then we could test this method just to make sure it works the way I think it should.

Mike

**peblaco** · 04-Sep-2015, 07:23 PM

I was looking at URLs, Perl scripts use a query string .pl? and an action. If changing to https then changing ? to %3f which is URL Character Code for a question mark, the page runs without the Internal Server Error, but the base href tag not correctly set so styling is missing. Which indicates SSL is running in the /cgi-bin/ but not correctly.

**Mike Hughes** · 05-Sep-2015, 09:33 AM

Interesting stuff Louise.

I've also had a look and as you say changing the ? does let the scripts run.

I'm not sure it's the basehref though as one of the links on my site is just a plain filename.html link and clicking that takes me to the correct page which suggests the basehref is working.

Inspecting the page says that the CSS elements, etc are blocked because they are being accessed via http rather than https, presumably because the basehref is just http://

Mixed Content: The page at 'https://www.firsttackle.co.uk/cgi-bin/ss000001.pl%3fpage=search&SS=wallet&ACTION=Go%21&PR=-1&TB=A' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.firsttackle.co.uk/acatalog/1External.css'. This request has been blocked; the content must be served over HTTPS.

It is odd though as standard pages on SSL (not served via the cgi-bin) display fine with a couple of less serious warnings.

I'm still trying to get my head around this. Not there yet. It kind of suggests that having everything display under https should fix it (with the ? change) but that opens other issues.

Edit: I've checked and Sellerdeck should set the basehref to HTTPS for the relevant pages when SSL is set in sellerdeck. As it's now turned off this isn't happening. It still doesn't explain why the standard pages show fine under SSL even without the basehref having https in them. I'm still confused

There's also the issue that my server seems to be using TLS 1.0 and I'm sure I read somewhere that Chrome was going to stop using this. Possible another issue that would need to be sorted.

Mike

**Mike Hughes** · 05-Sep-2015, 10:15 AM

I've tried turning on SSL in the checkout again but there seems to be multiple issues at work here.

The SSL bounce does use a ? before the 'action' and changing that to %3f does let the scripts run but then I get a 404 page not found error with it's own problems.

I can't leave it like this, so switching SSL off again.

Mike

PS. My uploads are running much slower than they used to do with the slow bit being sending compressed files. I wonder if 1and1 have turned off something that sellerdeck needs for encryption to work properly.

PPS. Checking the perl modules on 1and1 I see that they do have Archive::Zip but not ActEncrypt1024. Wasn't this there before?

Announcement

Error 500 Internal Server Error

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment