Announcement

**Mike Hughes** · 03-Feb-2005, 03:30 PM

there is ocasionally a problem with firewalls, but the last one I was aware of was with Norton and was fixed in 6.1.5.

I'm not sure why ZoneAlarm decided your cookie was from a 3rd party and decided to block it. I assume you have a straightforward actinic installation on a single domain? i.e. no other domains or subdomains being used?

Mike

**lefty** · 03-Feb-2005, 05:35 PM

Thanks for your time Mike. We do have a standard installation on a single domain. Also, I have uploaded the Actinic example site "out of the box" and got the same person to try to place an order on that and he had exactly the same problem there.

This afternoon I have had another customer phone to say that he could not checkout his order as his basket kept emptying - I did not get to speak to him myself but I guess it is the same problem. I wonder how many more people want to place orders on our site but cannot and do not get any warning or error message to tell them why?

I do know from our stats that about 35% of unique visitors who start a basket never make it to the first checkout page. Anyone else got any stats on this they don't mind sharing?

I have reported this problem to Actinic support and they are looking at it as well, but no answers yet. This seems pretty important to me as I am sure it is costing us lost orders.

**steveaich** · 04-Feb-2005, 10:37 AM

I had a similar problem, it was caused by customers starting on www.blushingbuyer.com and then moving to www.blushingbuyer.co.uk partway through placing the order. I see from your site that you have anythinglefthanded.co.uk and anythingleft-handed.co.uk. It could be this that may be causing the problem. I'm trying to remember how I solved it, I think I hard coded all the url's that go to any cgi script to go to http://www.blushingbuyer.co.uk rather than ../ This seemed to solve the problem. (We did loose a few customers but it wasn't many)

**dave_finlayson** · 04-Feb-2005, 10:44 AM

Keith,

Just tried to order from the site with standard medium Zone Alarm settings and whilst it lets you add to the cart when you proceed to checkout it says the basket is empty (as explained). However, our site works with no problems so it could be an issue with your site as opposed to Zone Alarm!

Hope you get it fixed.

Dave

**steveaich** · 04-Feb-2005, 10:45 AM

Sorry, after looking at you site in more detail, this won't help, you just use a frame to redirect from lefthanded to left-handed whereas we are using domain mapping in apache, so ignore me.

**dave_finlayson** · 04-Feb-2005, 10:57 AM

Additionally if I add both anythinglefthanded.co.uk and anythingleft-handed.co.uk to my site list in Zone Alarm shopping will only work if you allow 3rd Party cookies on anythingleft-handed.co.uk not if you reverse it and allow them on anythinglefthanded.co.uk but block on the other. Could it be your baseref appears different from your actual URL?

Dave

**lefty** · 07-Feb-2005, 04:40 PM

Thank you both for your contributions.

I think the anythinglefthanded.co.uk domain is a red herring - it is not used on our shop site in any way, we just have a redirect from it in case anyone mistypes our name.

Dave, I see you managed to replicate the problem with ZoneAlarm, but you do not have it on your own site. I have got a test site on another of our domains withn the same hosting company which is the completely standard Actinic example shop and my customer had the same problem with that. It is at

http://www.left-handersday.com/test_shop/acatalog/

If you have time, could you see if you can create a basket and checkout there with your ZoneAlarm settings. If it doesn't work there, could it be something to do with the way our host has things configured?

I am not sure what the "baseref" issue is? Our site IS taking most orders quite hapily, so I guess it cannot be something really major that is set wrong.

**Mike Hughes** · 07-Feb-2005, 07:04 PM

there are two things that I think you should take a look at:

1. The 'redirect' from the non-hyphenated site doesn't appear to be a redirect. It looks to me like a framing solution which could confuse the browser and any firewall about which site you're actually on (and thus whether the cookies are 3rd party or not).

2. When on the non-hyphenated site, my IE is blocking a cookie and reporting that the hyphenated site doesn't have a privacy policy ??? (there's no such error on the hyphenated site itself).

Personally, I suspect it is the multiple domains that is causing you a problem and would change the redirect to a 301 permanent redirect rather than using framing.

Mike

**dave_finlayson** · 07-Feb-2005, 07:57 PM

Keith,

Your example shop works perfectly with standard ZoneAlarm settings (i.e 3rd party cookies blocked). Just tried again on anythingleft-handed.co.uk and it appears I can now place an order (with 3rd Party Cookies blocked). Have you changed anything or did you discover the fault?

Would be very interested in the outcome to this

Dave

**lefty** · 08-Feb-2005, 11:22 AM

Thanks again for the help.

I am not sure the no-hyphen domain redirects are the direct cause of the basket problem as the customer who identified the problem went direct to our main site and was not redirected. Also, he had exactly the same problem on the example site

That said, I DO think the redirect is a separate problem worth looking at. The redirect from the no-hyphen domain is set by our host for that domain uk2.net and was set to use a frame to keep the domain name in the window title bar. I have now turned that off and will see what happens. I do not currently have web space with this domain so I don't think I can do a 301 redirect.

The log for the no-hyphen domain seems to show some cookie errors and also quite a few 404s where it is looking for files that actually reside on our main site and I cannot see why they would be requested on the no-hyphen domain. I have captured the last 1000 lines of the log file and uploaded it to our site here in case it gives any clues as to what is happening.
http://www.anythingleft-handed.co.uk...direct_log.txt

The 404s have a referrer of
http://www.anythingleft-handed.co.uk...ON=COOKIEERROR
plus some have
http://www.anythingleft-handed.co.uk...CTION=SHOWCART

I have checked our network settings and the no-hyphen domain www.anythinglefthanded.co.uk is not mentioned anywhere. I have also searched for the string "anythinglefthanded" in Design | Text and in all files in our Site1 directory - nothing. Is it possible that an Actinic script is somehow dropping the hyphen from the domain name when dealing with cookie errors and baskets in certain situations?

I cannot replicate the problem of cookies being blocked in IE for the no-hyphen domain.

Re: Dave's comment - I am now very confused!! I have not changed anything in either the main or example shops but it now seems to work?

Any more ideas greatly appreciated!

Keith

**lefty** · 08-Feb-2005, 11:39 AM

Just noticed that if you click on the COOKIEERROR link above it diaplys the page with no .css formatting or images. In the page source of the resulting page it includes the line
<BASE HREF="http://community.actinic.com/acatalog/"></Actinic:BASEHREF>

I don't understand the BASEHREF variable, but is it possible this is something to do with the problem?

The relevant line in our shopping cart pages template is
<Actinic:BASEHREF VALUE="NETQUOTEVAR:BASEHREF"/></Actinic:BASEHREF>

Keith

Announcement

Firewalls and Cookies preventing orders

Firewalls and Cookies preventing orders

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment