Thanks for your assistance. Well unfortunately I don't have access to the "conf" folder so I've asked my host to make the tweaks. Hopefully they can do this.

Other question - is it absolutely necessary/imperative to keep the encryption key in a folder outside of the main Web folder (www or httpdocs)? Could I keep the key in the Web folder but just keep the permissions locked down? Just curious on this.

Thanks for your note on debug mode as well.

-backdrifting

Thanks for your assistance with this. My host successfully set up the access to the folder and I have the encryption file in there now. It's all working.

Now one further question - I gave that folder all permissions so the file could be written to that location. According to the Ubercart docs on this it states:

"You will need to grant permissions on the folder that allow Drupal to write to it, but you can change this once the encryption file has been created."

So should I turn off all the read/write/exe access to that folder now that the file has been written? Just leave the read/write access for "owner"?

Thanks,

-backdrifting

Actually, I removed the write access and then I enabled COD (in addition to the credit card payment settings I already configured). When I then went to re-save my configuration I get the following errors:

* warning: fopen(../private/encrypt.test) [function.fopen]: failed to open stream: Permission denied in /var/www/vhosts/sitename.com/httpdocs/sites/all/modules/ubercart/payment/uc_credit/uc_credit.module on line 776.
* Cannot write to directory, please verify the directory permissions.

So I went into the server and turned write permissions back on for the ../private folder. Then I saved the config again, and now I'm still getting the error.

So it was working, and now it's not working. What should I do?

Any suggestions?

-backdrifting

... or is it that Drupal just needs to create that encryption file and then I can take those permissions off, but not re-save the configuration in Ubercart? Is the issue because I had removed the permissions and then tried saving a new config with COD?

-backdrifting

Permissions are weird on directories. Read lets you know what files are in it, but that's all. Write lets you create files in that directory. However, Execute lets you get additional information about the files, like filesize and timestamp.

The private directory should probably have permissions of 700 (rwx for owner) or 500 (r-x for owner), while the encryption key file should have just read (400). Just make sure that the owner is the Apache process, so that PHP can use it.

Hi to all on the Ubercart forums (sorry, my first post) - firstly, many thanks for a FANTASTIC e-commerce package

I wonder if anyone can help - I'm having similar problems with a site that I've just moved to a live server (still under basic auth). The error I'm getting is;

The strange thing is, my keys folder is /var/www/vhosts/sitename.com/keys and I've created a /conf/vhosts.conf to override /conf/httpd.include (I'm using Plesk on a CentOS box) and I've tried both

AND

Have I been a complete wally and missed something here??? I also have another test install of Ubercart running on the same server using an almost identical setup but that site has no issues.

The only thing I can think of, being relatively new to Drupal and Ubercart, is that something may have gone a bit screwy when I moved the site from a local XAMPP install in this case. Would going from one level down in XAMPP (e.g. htdocs/sitename/DRUPAL+UBERCART FILES) to a top level install on this server make any difference anywhere?

Many thanks in advance

I am in the same boat as you were here, and I am not sure how you fixed it. What do you mean by "basic auth" and what would I need to get around it?

Here is my error:

warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File(../keys/uc_credit.key) is not within the allowed path(s): (/var/www/vhosts/mysite.com/httpdocs:/tmp) in /var/www/vhosts/mysite.com/httpdocs/sites/all/modules/ubercart/payment/uc_credit/uc_credit.module on line 1359.

I am a bit unfamiliar with all this, but I did create the same file as axel_pressbutton:

My keys folder is /var/www/vhosts/sitename.com/keys and I've created a /conf/vhosts.conf to override /conf/httpd.include

Its there, but what else do I need to do?

Thanks in advance for your help.

Hi Bevinlorenzo - sorry, I've not been around for a few days.

"basic auth" is short for "Basic Authentication" and I'm guessing you're not using it if you're not sure what it is. I use it to restrict access to the site until I want people to see it. All it does is lock the site down and requests a username and password when you visit the site. See http://en.wikipedia.org/wiki/Basic_access_authentication

In my case all I had to do was to disable this. Again, I'm not sure if this is just a CentOS/Plesk issue.

I can't recall, but I'm sure I tried the fully qualified path without success - I'll Try some of TorgosPizza's last comments to see if i can get my setup to work happily with basic auth in place.