Today I completed work on another customer’s site: Lizzie Lane – Hand Selected Beautiful Jewellery and Gifts.
My tasks were to develop some custom templates for it’s Thesis based theme, many Shopp modifications including fixing an XSS issue in Shopp, making Shopp work with SSL (something it does not do out of the box), some CSS work and various other Shopp modifications.
I’ve recently been debugging a customer’s WordPress/Shopp store. When the customer set the Cart & Checkout to be served over SSL the shipping calculator failed.
Serving Cart / Checkout / My Account pages over SSL is not built into Shopp for some reason. I have a post on this – SSL/HTTPS for Shopp pages or checkout process only. If you use a shipping calculator, or offer different shipping methods this will fail. Continue reading “WordPress/Shopp Shipping Calculator/Options Access-Control-Allow-Origin Error”
Shopp currently doesn’t redirect you to any SSL/HTTPS pages during any part of the checkout process. Technically, if you are using a 3rd party payment provider, it doesn’t need to, but I’d like customers name/address data to be encrypted and secure.
So we need to force SSL on specific pages. Continue reading “SSL/HTTPS for Shopp pages or checkout process only”
Today I noticed I was getting the dreaded WordPress IO Error when uploading media. I’ve fixed this before, for me and other clients but this wasn’t the usual error.
Not file permissions, not an anally retentive PHP install, not user error. Besides, media uploads worked via the HTTP uploader, just not the Flash uploader. Continue reading “Not your usual WordPress IO Error”
Section 4.1 of the the Payment Card Industry Data Security Standard (PCI-DSS) v1.2, merchants handling credit card data are required to “use strong cryptography and security protocols such as SSL/TLS or IPSEC to safeguard sensitive cardholder data during transmission over open, public networks.” Continue reading “PCI Compliance – Disable SSLv2 and Weak Ciphers”
Here’s my mini guide on creating SSL certificates for use in Apache.
I create a lot of these things, so saving 45 seconds per request really adds up!
* Well, it depends how fast you can
type copy and paste. Continue reading “SSL Certificate Generation in 30 seconds*”