Correct SSL Configuration

Actinic allows you to use a mixture of normal (http) URLs and SSL (https) URLs for viewing your online store. The http protocol is simple and easy to use, but it doesn't secure a connection, which makes it unsafe for entering sensitive information such as credit cards. The https protocol does provide security, but it is slower than http. So the ideal site configuration is https on pages with sensitive information (customer login and checkout process) and http on the rest of the pages (product pages, cart and search). Actinic allows you to set up your store in this way.

The feature is activated in 'Settings | Business Settings | Payment and Security'. See Securing Your Online Store.

This feature is designed to utilise two different servers. The customer login and checkout pages are served from the SSL server (using https) while the rest of the pages are served from the HTTP server. These servers may run on the same computer or on two different computers.

When Actinic is configured to use SSL only for customer login and checkout pages (see Securing Your Online Store), most of the network settings are specified separately for the HTTP and SSL servers. When the site is uploaded, the whole site is uploaded to the HTTP server (just as in the case of a standard configuration), and then a set of script files is uploaded to the SSL server's CGI directory. These files are:

·      Customer Accounts script (bbxxxxxx.pl)

·      Order script (osxxxxxx.pl)

·      Additional modules (e.g. ACTINIC.pm, ActinicOrder.pm, etc.)

Additionally, the HTML files for the sections etc. are generated to use the appropriate http or https URLs.

Actinic allows the following configurations:

·      One Computer - HTTP and SSL on the Same Computer

·      One Computer - Different CGI-BIN Directories

·      One Computer - Different FTP Details for Normal and SSL

·      HTTP and SSL on Different Servers

From the details below, find the configuration that corresponds to how your server is set up. Then make a note of the settings required, as you will need them when you enter your network settings.

One Computer - HTTP and SSL on the Same Computer

Your web server might be configured to share the same space between HTTP and SSL. In this case both your secure and non secure documents are in the same folder (e.g. /usr/local/httpd/htdocs/). Your CGI scripts are also located in the same folder for both HTTP and SSL (e.g. /usr/local/httpd/cgi-bin/).

What server details will I need to be able to upload my store?

·      The FTP details of the server

·      The FTP path from the root of the server to the normal CGI-BIN folder

·      The HTTP and SSL URLs of your web space

·      The HTTP and SSL URLs of the CGI directory

One Computer - Different CGI-BIN Directories

The above configuration might be extended to have different folders for the secure and non secure scripts. E.g. your scripts are in /usr/local/httpd/cgi-bin/ and the secure scripts are in /usr/local/httpd/secure-cgi/.

Depending on your web server configuration the CGI URLs might be the same or might be different.

What server details will I need to be able to upload my store?

·      The FTP details of the server

·      The FTP path from the root of the server to the normal CGI-BIN folder

·      The path from the normal CGI-BIN folder to the /acatalog directory

·      The FTP path from the root of the server to the secure CGI-BIN folder

·      The HTTP and SSL URLs of your web space

·      The HTTP and SSL URLs of the CGI directory/directories

One Computer - Different FTP Details for Normal and SSL

Your configuration might require different FTP details for the secure and non secure documents (most likely for the CGI folders). E.g. your scripts are in /usr/local/httpd/cgi-bin/, where user 'web' has the required permissions, and the secure scripts are in /usr/local/httpd/secure-cgi/, which cannot be accessed by the 'web' user. The 'secure' user has the required permissions for that folder, but has no permission for the non secure CGI folder.

What server details will I need to be able to upload my store?

·      The FTP details of the server

·      The FTP details of the server for access to secure CGI-BIN

·      The FTP path from the root of the server to the normal CGI-BIN folder

·      The path from the normal CGI-BIN folder to the /acatalog directory

·      The FTP path from the root of the server to the secure CGI-BIN folder

·      The path from the secure CGI-BIN folder to the /acatalog directory

·      The HTTP and SSL URLs of your web space

·      The HTTP and SSL URLs of the CGI directory/directories

HTTP and SSL on Different Servers

The secure and the non secure web servers are on two physically different computers. In this case both servers have different FTP details and likely a different directory structure.

Note: A 'Network File Path' (NFS) must exist between the two servers in order for this to work.

What server details will I need to be able to upload my store?

·      The FTP details of the HTTP server

·      The FTP details of the SSL server

·      The FTP path from the root of the HTTP server to the normal CGI-BIN folder

·      The path from the normal CGI-BIN folder to the /acatalog directory

·      The FTP path from the root of the SSL server to the secure CGI-BIN folder

·      The path from the secure CGI-BIN folder to the /acatalog directory

·      The HTTP and SSL URLs of your web space

·      The HTTP and SSL URLs of the CGI directories

Further to the standard server side requirements of Actinic, the configuration described above (HTTP and SSL on Different Computers) adds a few more requirements and limitations. These are:

·      The Catalog folder (/acatalog) should be accessible from both CGI directories via a file path. In other words, file access is required between the Catalog and both CGI directories. When the secure and non secure servers are running on different computers, NFS access should be set up between the two computers.

·      The path to Perl should be the same on both servers. If different computers are used for the secure and non secure servers, and the path to Perl is not the same, then a symbolic link to Perl (see the Unix 'ln -s' command) can be created on one of the computers.

·      The 'Use Relative CGI-BIN URLs in Catalog Pages' feature cannot be used.

·      If your site uses the 'referrer script' (e.g. rs000001.pl) then this file should be uploaded to the secure server CGI directory and should be accessed via https.
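
A pre-flight check for the first two requirements above, as an added example that is not part of Actinic or its documentation. It confirms that the 'Path from CGI-BIN to Catalog Directory' resolves to an accessible directory and that the interpreter named on a script's first line exists; the function names, and the assumption that each uploaded script starts with a `#!` line giving the path to Perl, are illustrative.

```sh
#!/bin/sh
# Added example (not Actinic code). Run on each server as the account that
# executes the CGI scripts.

# check_catalog_path CGI_DIR REL_PATH
# REL_PATH is the 'Path from CGI-BIN to Catalog Directory'. It must resolve,
# locally or over the NFS mount, to a directory this account can read and enter.
check_catalog_path() {
    cgi_dir=$1
    rel=$2
    target=$(CDPATH=; cd -- "$cgi_dir" 2>/dev/null &&
             cd -- "$rel" 2>/dev/null && pwd -P) || {
        echo "FAIL: '$rel' does not resolve from '$cgi_dir'"
        return 1
    }
    [ -r "$target" ] && [ -x "$target" ] || {
        echo "FAIL: no read/search access to $target"
        return 1
    }
    echo "OK: catalog directory is $target"
}

# check_perl_path SCRIPT
# Assumes the script's first line is '#!/path/to/perl [options]' and confirms
# that the path exists and is executable on this machine.
check_perl_path() {
    script=$1
    first=$(head -n 1 "$script" 2>/dev/null) || {
        echo "FAIL: cannot read $script"
        return 1
    }
    case $first in
        '#!'*) ;;
        *) echo "FAIL: $script has no #! line"; return 1 ;;
    esac
    interp=${first#??}      # drop the leading '#!'
    interp=${interp# }      # drop one optional space after it
    interp=${interp%% *}    # drop interpreter options such as -w
    [ -x "$interp" ] || {
        echo "FAIL: $script needs $interp (missing here; a symbolic link can fix this)"
        return 1
    }
    echo "OK: $script uses $interp"
}

# Usage: sh preflight.sh /path/to/secure-cgi ../path/to/acatalog
if [ "$#" -eq 2 ]; then
    check_catalog_path "$1" "$2" || exit 1
    for s in "$1"/*.pl; do check_perl_path "$s" || exit 1; done
fi
```

Run it on both the HTTP and the SSL server with each server's own CGI-BIN folder and relative path; a failure on only one of them points to the NFS mount or the Perl path on that machine.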

Entering SSL Settings

If you activate the HTTP + SSL feature (see Securing Your Online Store) and start the Connection Wizard (see The 'Web Site Configuration' Wizard) then you will be asked about your server configuration.

First you have to select whether you have 'SSL and HTTP on the Same Server' or 'SSL and HTTP on Different Servers'. The details above explain the difference between them.

If you select 'SSL and HTTP on the Same Server' then you can specify whether SSL and HTTP use 'Different CGI Bin Directories' (see 'One Computer - Different CGI-BIN Directories' above) and/or 'Different FTP Settings' (see 'One Computer - Different FTP Details for Normal and SSL' above).

Once your HTTP and SSL configuration is selected, the wizard goes through the same steps as for standard configuration, but depending on the selected SSL configuration some information will be asked for both the HTTP and SSL servers (e.g. 'Web Site URL').

The wizard tries to guess each setting. If the value that the wizard comes up with doesn't match what you think it should be, then you can overwrite the value.

When you activate the HTTP + SSL feature, a new 'SSL URLs' tab appears on the 'Web | Network Setup' window beside the 'Normal URLs' tab. The 'Normal URLs' are entered just as in the case of a standard HTTP setup (see Editing Your Network Settings).

The SSL details should be specified on the SSL URLs tab following the rules below:

·      The 'Catalog URL' is the https URL of the 'acatalog' folder of your web space.

·      The 'CGI-BIN URL' is the https URL of the 'cgi-bin' directory of your web space.

·      The 'FTP Details' should be the same as the 'FTP Details' on the 'Normal URLs' tab unless:

      ·      You have different computers for HTTP and SSL.

      ·      You have the same computers but different FTP details for HTTP and SSL.

·      The 'Path to CGI-BIN' should be the same as on the 'Normal URLs' tab unless:

      ·      You have different computers for HTTP and SSL.

      ·      You have different CGI-BIN directories for HTTP and SSL on the same computer.

·      The 'Path from CGI-BIN to Catalog Directory' should be the same as on the 'Normal URLs' tab unless:

      ·      You have different computers for HTTP and SSL.

      ·      You have different CGI-BIN directories for HTTP and SSL on the same computer.