Author: mccormicky

HTTPS for the Checkout Page in WordPress Ecommerce

Using this plugin Admin-SSL.
Don’t be surprised if you can’t find this plugin’s config page. It gets installed in the Plugins menu after you activate it. You can switch it to be in the Settings menu but after you find it! Yeah, yeah, yeah, I know but whatever this plugin works!

Securing the Checkout Page
Go to http://yoursite.com/your wordpress folder/wp-admin/options-general.php?page=admin-ssl-config.
Use the Additional URLs box to put in the your order/checkout page. If you aren’t using(or can’t) use permalinks your URL might look like this: ?page_id=12. Except it won’t be 12, it will be the number id that your order/checkout page is. I was so used to being able to use custom permalinks that I was a bit lost when faced with what part of the URL goes there when I came across another server that had not set up mod_rewrite properly.

You can also change the location of your shoppingcart URL to https in Ecommerce>>Settings>>Admin but you will still need this plugin to convert all the URLs to https otherwise your little lock icon will be broken and the addressbar will not turn blue or green if you have spent the big $$$ for an extended SSL. These days online shoppers are warned over and over not to submit credit card numbers on non secure websites. So even if you have purchased and installed your own private SSL certificate and your web page is secure it won’t look like it with a broken lock icon!

I tried using the https-for-wordpress plugin – but you could remove the “s” and still view the order page. Admin-SSL will redirect back to https no matter what and only yhe pages you want to use https will use https. Even though any file or link URL in the document or on the page are auto converted to https, once a site visitor follows any of these links they are redirected back to http. Https-for-wordpress also was not able to convert every link from http to https, namely some files called by plugins in the header theme file.

You can translate trust into sales so it’s a good idea to spring for a proper SSL certificate if you plan on collecting CC numbers anywhere on your site.
The author of this plugin says it can be used for Shared SSL as well.

Oh Duh Moment #44

If you are adding a new site to Google Webmaster Tools that uses the www. prefix, you should add the site as www.domainname.com. Otherwise when you submit the sitemap there are going to be errors. Told you it was an “oh duh” moment.

Upgraayyeded

My personal site is now powered by WordPress 2.7 and I waited only a week this time to upgrade. The siren song of all the amazing new features promised in 2.7 was too tantalizing to ignore. I am not going to go on and on about how different it is and what I like and don’t like because that’s been covered many times already in many other blogs.
I’m not that worried about my clients; whether or not they will get shock from the new admin (which is now all sleek,slinky and silvery ) because I booted them up to 2.5 with out a warning and they did not freak out then. Although because it is such a change I feel some sort of warning is in order.But I do like it.I think it is going to help my clients find things faster and I won’t have to send them direct links anymore-maybe.
Possibly the best new feature is the ability to make a post “sticky” from the also new Quick Edit option in Posts-Edit.Plain awesome.
I find the easiest way to upgrade is to turn off all my plugins and delete the wp-admin and wp-includes folders and all the wordpress root files except wp-config.php and index.php and of course .htaccess.Then upload the new folders and files and upgrade the database and then re activate all the plugins.I have only had problems uploading with ftp(timeouts with large files and images) but that has never killed any site.It’s just a pain in the butt.Thankfully once all my sites are using 2.7 when there are new versions I can click upgrade and be done with it.Although it must still have to be done with ftp at least I won’t have to deactivate,delete and re upload and reactivate.Doing that for more than 10 sites is not something I look forward to.

Search Engine Envy

the man
the man
I’m working on this one site and man is it requiring endless tweaks.The ecommerce solution (a paid for, non-open-source cart,gasp) reminds me of the gopher in Caddyshack. So I guess that makes me the psychotic,mentally disabled gardener. Anyway, each time I think the shop is finally good to go the error messages roll on in. The client asked someone to order from the site and wouldn’t you know it? They got an error message.If it were up to me I would attach 2 sticks of dynamite to this cart and blow it sky high.But they paid for it and so I must suffer.

The cart is not that feature-full and one thing that is really bare boned is the built in search engine.In the hopes of figuring something out I am constantly on other shopping sites trying to get a clue.I was just on Amazon searching for flare jeans for the hell of it.The engine kept returning results that were as far away from flared jeans as possible.Such as skintight shiny leggings. This made me feel a little bit better. If Amazon can’t have a perfect search engine then how can I? I’m just a psychotic, mentally disabled gardener after all.