Tag Archives: osCommerce-based code

mod pagespeed causes google checkout problems on dreamhost vps

If you’re running a vps (virtual private server), an oscommerce-based cart, a 3rd party google checkout payment module that requires zend optimizer and happen to be with a hosting company that offers ‘web site optimizations’ … (yeah I know, pretty select situation), make sure to take a close look at the web hosting control panel because ‘page speed optimization defaults’ may include the apache module mod_pagespeed, Google’s own bash at making your sites go faster.

A recent job I had was to fix a failing google checkout callback for a client who runs a site on a dreamhost vps. After a lot of of tests and removing various caching and compression features, plus an investigation into php compiled via fastcgi (that I wouldn’t recommend to anyone), I noticed that all the stylesheets were getting linked together in the page source code of the site. For example, a cre loaded site running product page tabs and a social media box might look:

http://mysite.com/cgi-bin/dispatch.fcgi/templates/mytemplate/sty lesheet.css+tabs,_tabpane.css.pagespeed.cc.1234abc.css

Note ‘pagespeed’ in the url – this is an indicator that you too have google’s mod_pagespeed running on your server.

It was easy to deactivate the Page Speed Optimization module (which includes mod_pagespeed – remove a tick in a box) but man, it took some hunting down (mainly because I wasted time looking at the ‘complicated’ when it would be better to check the ‘obvious.’)

You can read a whole lot more about Google’s ‘Page Speed Optimization’ suite of tools (which includes the apache mod_pagespeed) from this url: code [dot] google [dot] com/speed/page-speed/

Here is a list of some of the filters it uses, to give you an idea of what it might do to for your site:

ModPagespeedEnableFilters combine_css
ModPagespeedEnableFilters rewrite_css,rewrite_javascript
ModPagespeedEnableFilters inline_css,inline_javascript
ModPagespeedEnableFilters rewrite_images
ModPagespeedEnableFilters insert_img_dimensions
ModPagespeedEnableFilters remove_comments
ModPagespeedEnableFilters extend_cache
ModPagespeedEnableFilters remove_quotes

check for missing unused images on your server

(aka osCommerce contribution remove_unused_images)

Written for:
any version of cre loaded series 6 cart, but easy to convert for all osCommerce-based carts (including oscMax, zencart)

screenshot of image check

What it does:
Scans and lists all your image files, compares the ones requested by the database products and products_description tables with all of the image files on the server in the /images directory and subdirectories of /images (one level deep.) Then shows a list of any unused images (ie on the server but not being called by the database) with the option of shifting
these into /images/UNUSED.

Ease of use:
Moderate skill needed – you do need to manually set the configuration options in the /admin/image_check.php file. Instructions are included as comments in this file.

Risk from use:
None – no files are actually deleted, only shifted. Low chance of conflict with other store files.

1. When searching product_descriptions, it will only report on images already on the server NOT on the ones called by the database and missing from the server.
2. Will only search one subdirectory deep in the /images folder, so /images/flowers/pic1.jpg will be scanned; /images/flowers/red/pic1.jpg will not be scanned.

Don’t want to try installing it yourself?

No problem – drop me an email and I can install it for you for a minimal amount.


stop google from indexing https secure pages of your website

To stop google and other bots from indexing your website https pages you need to create a new version of a robots file and add a conditional to your store’s root htaccess file. Note – your server should be running the Apache mod_rewrite module for this to work.

Simply create and upload a txt file containing the following code to your store’s root directory:

User-agent: Googlebot 
Disallow: / 

User-agent: * 
Disallow: /

modify the store’s htaccess file
Add the following lines near the top of your htaccess file:

RewriteCond %{SERVER_PORT} ^443$ 
RewriteRule ^robots.txt$ robots_ssl.txt

Check your Google Webmaster account to check this is working correctly.

how to add a linked image to an infobox

You want to advertise a new product or special shipping offer with an image in one of the side columns of your store. And you would like to make it a clickable link to another page. Here’s how:

1. First prepare the image. Consider the width of the column it is going to be inserted into. If the image is wider than the column, it’ll push out into the mainpage area. Upload the image to the folder /images.
2. Open up the example.php infobox file. In Cre Loaded you can find this in /templates/default/boxes. The code looks like this:

                               'text'  => '' . BOX_HEADING_EXAMPLE . '');
  // Change BOX_HEADING_EXAMPLE to a name of your choice. Use the same in Infobox Admin to configure the infobox title.
  new $infobox_template_heading($info_box_contents, '', ((isset($column_location) && $column_location !='') ? $column_location : '') ); 
  $info_box_contents = array();
  // add your infobox content to the text variable below  
  $info_box_contents[] = array('align' => 'center',
                               'text'  => '' . tep_image(DIR_WS_IMAGES . 'Book-4_mockup.jpg', 'my image', SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT) . '');
  new $infobox_template($info_box_contents, true, true, ((isset($column_location) && $column_location !='') ? $column_location : '') );
    $info_box_contents = array();
    $info_box_contents[] = array('align' => 'left',
                                 'text'  => tep_draw_separator('pixel_trans.gif', '100%', '1')
    new $infobox_template_footer($info_box_contents, ((isset($column_location) && $column_location !='') ? $column_location : '') );

3. Edit the content line. Find in the code the comment // add your infobox content to the text variable below and below this edit the ‘text’ as shown in the following example, replacing the image link, name and title with your details:

$info_box_contents[] = array('align' => 'left',
'text'  => '' . tep_image(DIR_WS_IMAGES . 'name_of_my_image.jpg', 'my image title', SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT) . '');

4. Save the example.php file and add the infobox to the template in the usual way.

how to rename your admin folder

One recommended security step to take with any oscommerce-based e-commerce store is to rename the admin folder so it is harder for the uninvited to drop in.

Steps to take:

  • Choose new name
    Or don’t and use a randomiser like the PCTools Password Generator to make a new admin folder name of 8 or more characters for you. Use a mix of letters, cases, numbers and some symbols (avoid \ | / ‘ and ” however.) Copy it to the Clipboard so you can paste it in the next steps.
  • Although a 'hard-to-guess' admin name is good, 24-characters seems excessive.
  • Make the change
    Access your Store through your control panel or an (s)ftp connection, click the Rename button (or use right click ‘rename’) and paste in the new name.
    Refresh the display (or close and reopen the (s)ftp connection) to see the change take effect.
  • Update your ‘admin’/includes/configure.php file
    You may have to change the permission settings to be able to make the following change – ’666′ or ‘Read/Write all groups’ is usually enough.
    Check the file for entries with /admin/ in the paths. Use Find and Replace to change all of these /admin/ entries to /new name/.
    Save the file and change permissions back to ’444′ or ‘Read only all groups.’
  • Update any ‘admin’ bookmarks
    If you have the old admin panel bookmark in your browser(s) now’s the time to update these to reflect the new ‘admin’ folder name.
  • Don’t include references to the new ‘admin’ folder in the robots.txt file
    The /catalog/robots.txt file is a popular reference for would-be hackers to see which parts of your store you don’t want the bots to visit. Avoid mentioning the new ‘admin’ folder in this file. There are other ways of diverting bots attention away from areas of your store you may want to keep better hidden than others.

There’s more here about securing your admin – and although these steps do not guarantee 100% certain defence against the determined hacker, they will raise the bar out of the reach of ‘script kiddies’ and others who are looking for easy targets. 7JP9H7JXBRDZ