How do I actually start my website with iPage?

Click Here To View All Answers...

First question I have is How do I actually start my website with iPage? Looking forward for any response. My 2nd question... Continued from.


That is how it is:.

DocumentRoot = '/homepages/4/d72430247/htdocs'.


= '/homepages/4/d72430247/htdocs'.


= '/homepages/4/d72430247/htdocs'. is just the iPage domain name on the ssl certificate which is shared by all the users of my service provider, it is not on another server...

Comments (90)

I'm stumped. I'm not so sure what is the answer. I'll do some Googling and get back to you if I discover an answer. You should email the people at iPage as they probably could give you help..

Comment #1

Weird... is it me? I can reach.


Instantly but.


Times out...?..

Comment #2

I just clicked the link ( now and it came straight up..

Comment #3

Hmm.. strange. It doesn't with me. And it's not DNS as the root directory comes up like stated before.....

Could anybody else be so kind as to check this for Steve and me?.



Comment #4

Comes up for me and I want that grasshopper .....

Comment #5

What browser are you using? I have a flash .swf menu at the top maybe that was stopping it from loading..

Comment #6


Using Mozilla instead of IE takes me there... So it must be me..

MS products.. aaargh..

I'm actually thinking of sending you halve a kilogram of 'frozen rodents' Linda....

They're real easy to keep.

What was your address again?..

Comment #7

Mmmh ... I see, couldn't that actually be the cause?.

   <td align =" center"><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000".




Comment #8

You are too kind mattice ... really I cannot accept such a generous gift ... just send money instead ... :xmas:..

Comment #9

The cause of the security alert? answer no. Because I still have the security alert with out it and if you right click the other graphics on the https pages and select properties you will see the url starts with an http and not https..

Comment #10

Try it again now I have removed the flash menu, oh and I found out why the iPage site was not loading with IE there was a missing </td> I know some versions of IE are more picky than others about little things like that :oops:..

Comment #11

Okay... I never use SWF files so I didn't know if <object> stuff does or doesn't that....

Fatal error: Failed opening required 'includes/languages/.php' (include_path='.:/usr/local/lib/php') in /homepages/36/d69024189/htdocs/catalog/includes/application_top.php on line 250.

Is my latest success story in connecting to your site.. So much for my credibility.

What I do not get is why the images still show http:// with the mentioned setup.. Must be the shared setup I think....

My server:.

// ssl =

// regular =

// both point to same location.

// html source in SSL will show:.

<a href=""><img src=""></a>.

What do yours say exactly?..

Comment #12

Erm you are looking at the wrong iPage site now, homepages/36/d69024189/htdocs is (where I have my old shop) but I am setting up a new one on my new dedicated server at

Comment #13

See ... you're making it WAY to hard for simple folkes like me :oops:..

Comment #14

// ssl =

// regular =

// both point to same location.

To prove this:.



I only uploaded 1 image to my htdocs directoy..

Comment #15

Hey.. I know that penguin....

I think I've located the problem....

Do you have this on each page:.

<base href="<?php echo (getenv('HTTPS') == 'on' ? HTTPS_SERVER : HTTP_SERVER)DIR_WS_CATALOG; ?>">.

Because the source of the login.php page gives me:.

<base href="">.

That should be.

<base href="">..

Comment #16

I wish life was that simple :cry: , that is exactly what I have already on my login.php (it came from your QCV5.1 mod)..

Comment #17

Of course it wont work for me, because my.

<base href="<?php echo (getenv('HTTPS') == 'on' ? HTTPS_SERVER : HTTP_SERVER)DIR_WS_CATALOG; ?>">.

Does not work on my server...

Comment #18

See, told you you'd be coder by the end of this thread.

Tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL'));.

Is correct in my opinion as it only warns you you are LEAVING an SSL page.... Don't know what it will do on other login-forwards though, you should test that...

Comment #19

Am am right pleased with my self now.

Here is what I done and it works. I made a copy of default.php with.

<base href="<?php echo HTTPS_SERVERDIR_WS_CATALOG; ?>">.

And saved it as default1.php and added define('FILENAME_DEFAULT1', 'default1.php'); to apliction_top and changed the code in login.php.


Yes I am the php king now lol.

Thanks a lot both of you for all the invaluble help..

Comment #20

Thanks Mattice.

I am going to bed now, this has been keeping me awake at night for the last week or so..

I really do appreciate all the help you have given me. I am glad to have it working right now and I even learnt a little php too..

Comment #21

We all can dream of big shiny gold padlocks... HUGE ONES that do not give errors... oh joy....

If I ever buy a seven foot lizard and I'm all out of neighborhood cats I'll call you for a frozen rodents coupon, okay?..

Comment #22

I don't know if this will help you or not.. but perhaps anyone else reading this.. I had the same problem but I'm running Win32 & apache and my problem was the getenv call.. I replaced the code with $_SERVER["HTTPS"] instead of getenv('HTTPS')..

Comment #23

Of course you can however though we do send livefood (insects) to The Netherlands I think the frozen rodents would be defrosted by the time they got to you..

Comment #24

Hi Guys.

I've been trying to follow what you've done in the threads and got lost!! I too am iPage hosting via 1&1 but also had this problem with another ISP in the past i.e. no golden padlock..

Can you just summarise what you finally did i.e. did you need to change the.

<base href="<?php echo (getenv('HTTPS') == 'on' ? HTTPS_SERVER : HTTP_SERVER)DIR_WS_CATALOG; ?>">.

In every page that uses the SSL? and to what?.

Site is at


Comment #25

Hi it is a bit confusing.


<base href="<?php echo (getenv('HTTPS') == 'on' ? HTTPS_SERVER : HTTP_SERVER)DIR_WS_CATALOG; ?>">.


<base href="<?php echo HTTPS_SERVERDIR_WS_CATALOG; ?>">.

0n all the pages that are https eg login.php, create_account.php etc..

When you have done that and it is working you will only get a security alert after loging in, if that bothers you and you can't follow what I did to correct that come back here and I will try to explain..

Comment #26

Excellent. That did the trick wonderfully. I've been trying to sort this out for ages. Happy Xmas and thanks a bunch to all contrbutors. :xmas:..

Comment #27

Thanks Mattice, I didn't really do anything it was all your expertise that tracked down the problem and wrote the code.

I have been thinking :idea: and this is just for my own curiosity now because as you know I have got it working now anyway but couldn't you have some kind of code like this instead..

I will write it in english because I don't know how to code php.

Get a variable & call it "basehref",   ($SERVER_NAME  = variable 'basehref');.

<<base href="<?php echo (if  'basehref' = '(put_your_http_server_name_here)' then HTTP_SERVERDIR_WS_CATALOG else HTTPS_SERVERDIR_WS_CATALOG ?>">.

If you ever find you have a spare few minutes and fancy writing a bit of code, I would love to know if something like that would work...

Comment #28

For anyone else's info. I am hsoted with Donhost and their SSL www1.secursite and this mod.


Comment #29

Hi all,.

Hope everyone is doing well. I'm new to OSCommerce, but I'm loving it..

I also host with Donhost and I just solved my missing padlock problem by replacing the base ref code with:.

<base href="<?php echo HTTPS_SERVERDIR_WS_CATALOG; ?>">.

However, while navigating thru all the pages which needs SSL, I've come across a problem with the address_book_process.php, where currently when I add a new entry, it directs me back to a non-SSL address_book.php. Can some of you guys check if this happens to you as well?.

I've just spent the last hour figuring out how I can make it a SSL direct, but no luck..

Please help..



Comment #30

Have a look in address_book_process.php at around line 171 you will see this.

// Go back to where we came from.

       if (sizeof($navigation->snapshot) > 0) {.

         $origin_href = tep_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']);.



Change it to this.

// Go back to where we came from.

       if (sizeof($navigation->snapshot) > 0) {.

         $origin_href = tep_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']);.


         tep_redirect(tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL'));.

It would be better for us if our servers would recognise.

<base href="<?php echo (getenv('HTTPS') == 'on' ? HTTPS_SERVER : HTTP_SERVER)DIR_WS_CATALOG; ?>">.

But as they don't this seems the best way around it. Just means instead of going back to where you were after changing an address book entry you go back to address_book.php, not a big deal really and better than having a pop up security alert...

Comment #31

Thanks livefood, it worked just right!!.

One more similar problem though:.

When I add a product without being logged in, if I go to Checkout, it prompts for email and password under HTTPS. However, once I enter correct details, it takes me to a HTTP checkout_shipping.php..

I tried looking thru the code, but cannot seem to find why this is happening. Any help on this one would also be appreciated man!.

Thanks and regards,.


Comment #32


Actually I just sussed that one out by thoroughly examining your previous solution..

Again, I replaced the:.



Tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));.

Where it goes to checkout_shipping, else goes back to HTTP default page..

Hey I'm getting the hang of this! Time for me to now chill away from the PC!!.

Thanks Steve!.



Comment #33

That is fine if they have come from checkout_shipping.php but they may have come from the my account page or if you have it installed, the redeem gift voucher page. They may find it strange that they are then redirected to the checkout shipping page...

Comment #34

Hi Steve,.

Yes that would be a problem, but I think the code caters for that. Becos it states:.

// restore cart contents.


If (sizeof($navigation->snapshot) > 0) {.

$origin_href = tep_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']);.


Tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));.

} else {.


Which I guess means something like to redirect to checout_shipping page, else to the default page..

I just tested by logging in via My Account and Normal login, and it's working fine with the above code..



Comment #35

Hi steve,.

Actually you were quite right..

When I created an order, and tried to go the link given in the order confirmation email, it asked me to logon, and then it said shopping cart was empty, and then went back to defaulty page and did not allow me to see my order history..

So how can we resolve this issue?.



Comment #36

I am not sure that would have anything to do with the code you changed..

The only problem I had was if a new customer added products to their cart, went to checkout but then got diverted to Create account. If after creating an account they clicked the continue button they went to checkout_shipping but not on the SSL.

I thought your solution was to change that from &origin_href to (FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));.

My solution was to remove that button by deleting this line.


       <td align="right"><br><?php echo '<a href="'$origin_href'">'tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE)'</a>'; ?></td>.


Comment #37

Please tell me that what I found works and it's not going to mess up my iPage site : What I did.

From this.

<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER)DIR_WS_CATALOG; ?>">.

To this.

<base href="<?php echo (($request_type == 'SSL') ? HTTP_SERVER : HTTPS_SERVER)DIR_WS_CATALOG; ?>">.

Just moved the https to the end and walla my glod lock appears!.

I did this for every page and whata ya know it works I hope this won't mess thing up !.

Running on win2k server IIS 5.0 My own ssl..

Comment #38

Also changed this in application top ...

From this.

$request_type = (eregi($HTTP_HOST,HTTPS_SERVER)) ? 'SSL' : 'NONSSL';.

To this.

$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';..

Comment #39

Got a better solution now with the new MS1 release have a look here:.


Comment #40

Ok, solution on page 7 seemed to be working - my login page is now secure, and if I go directly to the account.php page, with same changes, it's all secure as well..

PROBLEM: When signing in from the login page, when it goes to "process", it seems to then switch from secure to unsecure. Any ideas how to fix?.

Here's the line I presume would need fixing in the login.php:.

<?php echo tep_draw_form('login', tep_href_link(FILENAME_LOGIN, 'action=process', 'SSL')); ?>.

Thoughts? It's KILLING me! I have an SSL cert, it's been installed, but I'm just having these horrid problems..

Thanks in advance..


Comment #41

To land on secure, toss the SSL on the end..

If on secure and going to another page ... go to SSL.

The next click will take you back to NON-SSL if that is where you should be...

Comment #42

I must be getting bleary-eyed...that went totally over my head and made my brain go <plink>..

Are you saying that if I'm trying to go to a secure page I should get RID of (toss) the 'SSL' part of that statement? Just curious. I WANT to be going to a secure page - My Account information..


Comment #43

In other words...would I change it from this....

<?php echo tep_draw_form('login', tep_href_link(FILENAME_LOGIN, 'action=process', 'SSL')); ?>.

To this?.

<?php echo tep_draw_form('login', tep_href_link(FILENAME_LOGIN, 'action=process')); ?>.


Comment #44

No ... I am saying if already on a SSL page you want to always be redirected to a page via SSL.

Then, if that page is not normally an SSL page, the next click will turn it back to NON-SSL.

Example: You are on login.php and it says Success! That is a SSL page. Continue takes you to default.php ... this also needs to be SSL (for the moment) the next click will turn off the SSL..

Comment #45

Right. I understand that. But for some reason, even though the line indicates SSL for the Account Process function, it takes me to a non-secure version of account.php..

If I manually go from the.


(after logging in) to the https version, it's there, has the padlock, no errors, etc. But the problem is that the login.php isn't taking me to the secure version of the page..

Why oh why?.



Comment #46

Oh ... you have the.

Evil error.

Like Steve had that I haven't the foggiest notion why that happens. :shock:..

Comment #47

But you're the OSC.


!!! How can you not know.

Man, I'm going to go nuts. So close, and very, very far :cry:.

If you think of anything, let me know. I'm going to be sitting here pulling my hair out with my toddlers wondering why Mommy's gone crazy!.


Comment #48


Around line 20 is the code.

If (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process')) {.

   $email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);.

   $password = tep_db_prepare_input($HTTP_POST_VARS['password']);.

I just changed it to.

If (isset($HTTPS_GET_VARS['action']) && ($HTTPS_GET_VARS['action'] == 'process')) {.

   $email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);.

   $password = tep_db_prepare_input($HTTP_POST_VARS['password']);.

So far, anyhow, on login.php going to account.php, it seems to be working fine!! WOW!! I can't believe I found it!!.


Comment #49

And of course, the reason I couldn't believe I'd figured it out was because I HADN'T!!!.

Damn! Back to the drawing board. It just took me right back to the login page..


Comment #50

Umm ... I am not seeing the code difference. :shock:..

Comment #51

I'd added an 'S' to the HTTP call in the first line..

Sorry. Should have been more specific. Of course, it didn't actually work so it doesn't really matter afterall..



Comment #52

Hi all,.

So like... has anyone figured this one out yet?.



Comment #53

And I still think it has something to do with this:.


Also I have:.

<base href="<?php echo HTTPS_SERVERDIR_WS_CATALOG; ?>">.

Because if I'm not logged in, and I click My Account, it goes SSL to login. If login successful, then it goes back to original file I wanted to go to, which was non-secure by default..

Is there any way of specifying, that the My Account, Order History and Checkout pages must always be SSL?.



Comment #54

Continued from.


That is how it is:.

DocumentRoot = '/homepages/4/d72430247/htdocs'.


= '/homepages/4/d72430247/htdocs'.


= '/homepages/4/d72430247/htdocs'. is just the iPage domain name on the ssl certificate which is shared by all the users of my service provider, it is not on another server...

Comment #55

Can I visit your catalog? Is it online somewhere? (couldn't find it on, get a 'parked domain' page.. /catalog is forbidden).



Comment #56

Unfortunately it returns: for both.




But I think this could give me a solution as I could register the iPage domain also and have that point to the same directory as and then set up my sslrelay thing to point to.


Then do your test above and then have.

If ($SERVER_NAME  == '') {.

  define('HTTPS', 'on');.


I am quite excited now..

Comment #57

I'm not sure wether that should work as $SERVER_NAME needs to return the ..well server name.


You can set this in your VirtualHost setting: in httpd.conf use directive.


So you might just want to ask if your provider can do that for you..

Get a DNS alias for and point that to Set the ServerName directive and you're on your way....

In any case my solution of forcing osC to use the HTTPS as <base href> will be good enough..

It's what should happen with the if /else getenv() code anyway..

So you just force it on about 10 pages that require SSL..

Saves you some money... Think about the benefits....

Get yourself some more frozen rodents for Xmas!..

Comment #58

Just tried it on my main iPage site which can be reached by as well as uploaded 1 file test.php to htdocs and.






So it looks like the option will work.

Many thanks for all your time, I will let you know how I get on...

Comment #59

Yeah it should,.

But only if you have them set the ServerName directive for it.


And it will look a lot cleaner then the link..



Comment #60

Ahh this solution works great! - I get the magikk gold lock thingy showin Thanks guys lol...

Comment #61

Right I now have.






So I put.

If ($SERVER_NAME  == '') {.

  define('HTTPS', 'on');.


Near the bottom of aplication_top.php but I still don't get the gold padlock :cry:.

Do I need to change anything in.

<base href="<?php echo (getenv('HTTPS') == 'on' ? HTTPS_SERVER : HTTP_SERVER)DIR_WS_CATALOG; ?>">..

Comment #62

Hey Steve, I am using 1&1 as my webhost as well and this is exactly what I have done to get it working:.

1) Made sure that my /catalog/includes/configure.php is correct. Looking at your iPage site it seems to be correct becuase when I click login it takes me though the secure server, so you dont need to worry about that..

2) Opened catalog/login.php and modified the 71st line to.

<base href="<?php echo (getenv('HTTPS') == 'on' ? HTTP_SERVER : HTTPS_SERVER)DIR_WS_CATALOG; ?>">.

3) Repeat setp 2 for every page I want displayed with the little padlock: account.php, account_edit.php, checkout_payment.php and so on..

That's it! I have not changed anything else. If you still have a problem with this maybe it's your configure.php becuase I remember having problems with that before. Let me know and I will post mine for you to compare...

Comment #63

Oh damn.. stupid of me.. it doesn't swallow the define as an environment variable :oops:.

Seems you will still have to edit the files anyway....

Drop the application_top bit and edit any file that needs SSL and change to:.

<base href="<?php echo HTTPS_SERVERDIR_WS_CATALOG; ?>">.

And for anyone wondering (where is everybody anyway?):.

AFAIK putenv() will only work if you're server is running PHP in safe mode..

And even then it must be specifically allowed to set the variable....

Ahh... it could have been so beautiful.....

Comment #64

What you do with that code is tell it to look for the env HTTPS (which doesn't exist) so then it always defaults to HTTPS_SERVER... It's reversed logic and it does a useless (as we know the outcome allready) check on every SSL page.... But the result is correct.. that's true..

Comment #65

I know I was excited about that too :cry:.

I have changed all the https pages to.

<base href="<?php echo HTTPS_SERVERDIR_WS_CATALOG; ?>">.

But will that give me the same effect as if it had worked properly on my server with the original OSC code, because now I get the security alert after loging in ie. after I log in it takes me to.


And not.


Comment #66

I just created an account... and that went from.

Http:// default.php.


Https:// login.php.


Https:// create_account.php / success.

And then to.

Http:// default.php again....

So to me it seems to behave normally...?..

Comment #67

I have just tried creating a new account too and you are correct it does that right, but if you go back now and login after login it will take you back to.


Why's that?..

Comment #68

I have no idea if this will cause problems on other pages (we're getting in the trial and error area here.

) but you could try changing the following in login.php:.



Tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL'));..

Comment #69

Just a note here ... the fix on the Security Alert is to go from SSL to SSL then non-SSL ... so you will get the secure page on the first redirect then it vanishes on the next click ... :shock:..

Comment #70

Yeah... that's true... whenever I login on my local server I get forwarded to 'My Account' in SSL mode... Duh..

So how come this acts differently?.

Shouldn't this take you to "My Account" too?..

Comment #71

If he is using my fixes ... they do that so there are no Security Alerts..

You are making his gold lock show up ... I just make the Alerts go away ... 8)..

Comment #72


Still in the race for those frozen rodents then are you?..

Comment #73

I have just been to your iPage site Ajeh and logged in and after log in it takes me to.


But no security alert and a lovely gold padlock.

But on my iPage site after login it takes me to.


But with the security alert and no gold padlock (the images are being called from the http url) I can live with that , it's not a big deal but it would be nice if it worked like yours..

Comment #74

If I do this.

Tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL'));.

I get an alert that I am about to be redirected to a page that is not secure if I leave it as it is I get an alert that the page contains both secure and insecure items :?: :?..

Comment #75

Try the best of both:.

Tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'SSL'));.

You will be on a SSL page, no alert and next click will be no SSL page, just like mine .....

Comment #76

This question was taken from a support group/message board and re-posted here so others can learn from it.