My access provider reinstalled the CSR and says its correct. I noticed after my access provider moved over the site that I have no secure sub-directory under browngrotta.com. Should I create one and if so which files would go in it? Since cart.php is looking for the secure.browngrotta.com/check-out.php page. If I put it into a secure sub-directory it goes their with a Warning: require_once(web assist/framework/framework.php) . But at least it goes somewhere.