Fixing Zen Cart Admin Login Redirect Loop Caused By Forcing Website to Be Served Over HTTPS

We recently had someone come to us for Zen Cart support after they could no longer log in to the admin area of Zen Cart after their web host configured it so their website would always be served over HTTPS. When they tried to log in they were redirected back to the log in page without any error message being shown. While there are some other issues that can cause that same type of redirect to occur, in the situation where that change to serve the website over HTTPS has been made, what we found would fix this is to update the configuration file for the admin area, which is located /includes/configure.php in side of the admin directory (whose name varies from website to website), to use the HTTPS address for the website.

The relevant portion of the configuration file for a website using a recent version of Zen Cart is below:

/**
 * Enter the domain for your Admin URL. If you have SSL, enter the correct https address in the HTTP_SERVER setting, instead of just an http address.
 */
define('HTTP_SERVER', 'http://www.example.com);
/**
 * Note about HTTPS_SERVER:
 * There is no longer an HTTPS_SERVER setting for the Admin. Instead, put your SSL URL in the HTTP_SERVER setting above.
 */

Changing the “HTTP_SERVER” setting to start https:// instead of http:// resolves this as the proper address is used when handling the log in.

Leave a Reply

Your email address will not be published.