Enabling HTTPS protocol for X-Cart when HTTPS is not properly configured on your server breaks access to X-Cart’s Admin interface. To avoid this unpleasant situation, please ensure that HTTPS has been set up correctly on your server before enabling HTTPS support in X-Cart Admin.
Although X-Cart has an “HTTPS status check” feature that can help you detect some common problems like an SSL certificate missing or invalid, there is no 100% accurate method that we could use to tell whether a secure protocol is or is not working for your specific server configuration. For this reason, please, think twice when deciding whether HTTPS support may be enabled in X-Cart. Before clicking the button, you should know what you are doing, or else it may mess up your site.
If this warning is too late, and your X-Cart Admin area is already inaccessible due to HTTPS support being enabled on the wrong configuration, let’s try and fix the problem. The most evident solution would be to fix the problem with HTTPS on your server. As soon as HTTPS is working, you should be able to reaccess your store’s Admin area.
If, however, it may not be possible to enable HTTPS properly at this time, you can restore access to X-Cart Admin by completing the following steps:
Reset the values of the fields admin_security and customer_security in your store’s database. You can find these fields in the table xc_config, provided that during X-Cart installation, you chose to use the MySQL table prefix
xc_. The following MySQL statement will select the fields in question from the database table xc_config:
SELECT * FROM `xc_config` WHERE `name` LIKE "%security%";
The following statement will reset the field values:
UPDATE `xc_config` SET `value`=0 WHERE `name`="admin_security" OR `name`="customer_security";
Remove the folder var/datacache/ in your X-Cart installation directory.