SSL Certificates (?!)
Discussion
Not sure if this is right here or in Business, but here goes anyway.
Our website has lost a page - when a customer goes to complete a booking, the booking page has no data entry boxes, there is no way to enter card details or anything else. The rest of the page is there, just the data bits are missing.
We're in-between tech support contracts, and I'm sure this will be resolved in the next 24 hours or so (otherwise we're screwed) but can anyone explain how this can happen?
We have a valid SSL certificate from R3, valid until 22 September and its on auto renew, everything was working fine until about 5 days ago when a small number of customers started having issues, now no-one can see the page content.
Have we been blacklisted or something? I'm tearing my hair out trying to work out WTF is going on.
Our website has lost a page - when a customer goes to complete a booking, the booking page has no data entry boxes, there is no way to enter card details or anything else. The rest of the page is there, just the data bits are missing.
We're in-between tech support contracts, and I'm sure this will be resolved in the next 24 hours or so (otherwise we're screwed) but can anyone explain how this can happen?
We have a valid SSL certificate from R3, valid until 22 September and its on auto renew, everything was working fine until about 5 days ago when a small number of customers started having issues, now no-one can see the page content.
Have we been blacklisted or something? I'm tearing my hair out trying to work out WTF is going on.
mondeoman said:
We're in-between tech support contracts, and I'm sure this will be resolved in the next 24 hours or so (otherwise we're screwed)
I suspect your answer lies somewhere in the untold story of how you've ended up with no support on a key business requirement. Have you annoyed the previous provider and left their credentials open for them to change stuff?SSL certificates are likely to be a red herring - your browser would be alerting you over issues with that, it wouldn't manifest as missing input fields.
Post a link to the site
shouldbworking said:
mondeoman said:
We're in-between tech support contracts, and I'm sure this will be resolved in the next 24 hours or so (otherwise we're screwed)
I suspect your answer lies somewhere in the untold story of how you've ended up with no support on a key business requirement. Have you annoyed the previous provider and left their credentials open for them to change stuff?SSL certificates are likely to be a red herring - your browser would be alerting you over issues with that, it wouldn't manifest as missing input fields.
Post a link to the site
Previous support stole from us and tried blackmailing us after that. No way is that relationship going to be continued. They are now locked out as the site and database have been moved to my hosting account (2 weeks ago), all relevant passwords have been changed and there are no open ports. Apparently.
Issues started on the 27/28th July.
API keys were all fine, until last night when refunds weren't processed, but no problems until then. But apart from the change of host, nothing has been changed as far as I'm aware.
"No API key provided. (HINT: set your API key using "Stripe::setA(<API-KEY>)". You can generate API keys from the Stripe web interface."
Would that take down the payment page and take 14 days to filter through from the move?
ETA Stripe API keys haven't been changed since May 2020, I just checked.
"No API key provided. (HINT: set your API key using "Stripe::setA(<API-KEY>)". You can generate API keys from the Stripe web interface."
Would that take down the payment page and take 14 days to filter through from the move?
ETA Stripe API keys haven't been changed since May 2020, I just checked.
Edited by mondeoman on Tuesday 2nd August 11:42
NDA said:
I am not a techie - but quite often find sites that don't work properly (typically no drop down availability) on my MacBook running Safari, and yet work fine on Firefox.
Has your client tried a different browser?
We have a mix of Safari users and Chrome users (and others I'm sure) - I've tried Incognito on Chrome as well, none of them are working. Has your client tried a different browser?
So frustrating not knowing what the problem is - even if I cant fix it myself at least I'd know what questions to ask a new support team.
FunkyGibbon said:
mondeoman said:
But apart from the change of host, nothing has been changed as far as I'm aware.
I'm no stripe expert but I suspect moving the physical host would require you to regenerate your API keys. Hope it is that simple.That'd be about right for the way the last couple of months have gone
As mentioned above, your Stripe API key is missing in your payment page.
var stripe = Stripe(''); // test publishable API key
Depending on how the site is built, there might be some config somewhere to add this in.
Completely off topic, but weird seeing someone so local.. I'm in Bloxwich
var stripe = Stripe(''); // test publishable API key
Depending on how the site is built, there might be some config somewhere to add this in.
Completely off topic, but weird seeing someone so local.. I'm in Bloxwich
mw88 said:
As mentioned above, your Stripe API key is missing in your payment page.
var stripe = Stripe(''); // test publishable API key
Depending on how the site is built, there might be some config somewhere to add this in.
Completely off topic, but weird seeing someone so local.. I'm in Bloxwich
Bugger me , a local !!! var stripe = Stripe(''); // test publishable API key
Depending on how the site is built, there might be some config somewhere to add this in.
Completely off topic, but weird seeing someone so local.. I'm in Bloxwich
The next question then becomes, where the f@ck has that piece of code gone?
Doing a bit more digging, it's build on the Laravel framework so shouldn't be too difficult to find out where it's hiding.
Depending on whether it's using the built-in library or not, you can check your .env file (Where you db creds are)
STRIPE_KEY=your-stripe-key
STRIPE_SECRET=your-stripe-secret
STRIPE_WEBHOOK_SECRET=your-stripe-webhook-secret
You might need to work backwards from the payment page though.
Depending on whether it's using the built-in library or not, you can check your .env file (Where you db creds are)
STRIPE_KEY=your-stripe-key
STRIPE_SECRET=your-stripe-secret
STRIPE_WEBHOOK_SECRET=your-stripe-webhook-secret
You might need to work backwards from the payment page though.
mondeoman said:
www.bostyfields.co.uk
Previous support stole from us and tried blackmailing us after that. No way is that relationship going to be continued. They are now locked out as the site and database have been moved to my hosting account (2 weeks ago), all relevant passwords have been changed and there are no open ports. Apparently.
Issues started on the 27/28th July.
The stripe API key was likely locked to the IP address of the old server, and you will need to create a new API key using the address of the new server.Previous support stole from us and tried blackmailing us after that. No way is that relationship going to be continued. They are now locked out as the site and database have been moved to my hosting account (2 weeks ago), all relevant passwords have been changed and there are no open ports. Apparently.
Issues started on the 27/28th July.
mw88 said:
Doing a bit more digging, it's build on the Laravel framework so shouldn't be too difficult to find out where it's hiding.
Depending on whether it's using the built-in library or not, you can check your .env file (Where you db creds are)
STRIPE_KEY=your-stripe-key
STRIPE_SECRET=your-stripe-secret
STRIPE_WEBHOOK_SECRET=your-stripe-webhook-secret
You might need to work backwards from the payment page though.
Sooner I get a dev on board the better! Hopefully engaging someone this afternoon, but all of this is great insight Depending on whether it's using the built-in library or not, you can check your .env file (Where you db creds are)
STRIPE_KEY=your-stripe-key
STRIPE_SECRET=your-stripe-secret
STRIPE_WEBHOOK_SECRET=your-stripe-webhook-secret
You might need to work backwards from the payment page though.
somouk said:
The API key is a hidden variable above in the page code. It's still there but I guess may be wrong...
I'm also not too far away, I'm in Bridgnorth, but was from West Brom.
Jeez, we just rehomed an abandoned dog to a couple close to Bridgnorth - small world I'm also not too far away, I'm in Bridgnorth, but was from West Brom.
Edited by mondeoman on Tuesday 2nd August 15:15
Already answered but dev tools (f12) in browser can really help with this as shown below.. open your page then look for errors (red at top), then you will see the red sections here in the bottom and usually see a "friendly" message, then click the relevant section (where my cursor is) and you can see the code in error - in this case the Stripe API key, not worked with them but I guess you just need to raise a case and get a new key and add it
Captain Answer said:
Already answered but dev tools (f12) in browser can really help with this as shown below.. open your page then look for errors (red at top), then you will see the red sections here in the bottom and usually see a "friendly" message, then click the relevant section (where my cursor is) and you can see the code in error - in this case the Stripe API key, not worked with them but I guess you just need to raise a case and get a new key and add it
Wow - PH delivers again !!Thanks
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff