Server Requirements


ExpressionEngine 2.7 + is required to run CartThrob 2.3.7+


We've made it as simple as possible to create advanced dynamic shopping cart sites with ease but there is still a bit of work required on your part. CartThrob comes with default templates to get you up and running fast, but we recommend you review the docs presented on this site and review all of the configuration settings in detail before you build your first site. You can potentially create a shop without ever reading the manual, but it will be much more helpful in the long run to review the materials we have made available.

SSL Certificate

Many merchant accounts require that you make purchases using a secure connection. This requires the yearly purchase of an SSL certificate, and installation of that certificate on your website. If you require additional information about SSL certificates, please contact us! All fully integrated payment gateways (including PayPal Payments Pro) are generally required to have an SSL certificate, and a secure HTTPS connection to complete transactions. Payment gateways that take payments off-site, including PayPal Standard, and 3-D secure systems may not require an SSL certificate, but it is good practice, when transmitting data to use HTTPS connections.


Installation of CartThrob requires ExpressionEngine. CartThrob is an addon that runs as part of ExpressionEngine 2.7+. To ascertain if your server can run ExpressionEngine, please review the documentation here.

PHP Settings

You must use PHP version 5.2 or newer and MySQL version 4.1 or newer

Some off-site payment gateways, including PayPal Standard,, or others requiring 3-D secure payments and other off-site payment methods suggest that the PHP setting "session.referer_check" is disabled. You can check phpinfo(), or, using ExpressionEngine you can go to Admin » Utilities » PHP Info and check to make sure it is currently turned off (or set to no value).

You can turn this off using php.ini (if you have access to it… on most shared hosts you won't).

session.referer_check = 

using .htaccess

php_value session.referer_check none

or disable it by adding the PHP command ini_set to the top of your ExpressionEngine site index.php file.

ini_set('session.referer_check', '');

If setting referer_check to none causes any issues with other systems then try to leave referer_check enabled. If referer_check is enabled, it's entirely possible to lose track of the contents of your session after being redirected back from another site, but it's not necessarily ensured that this will happen.


To configure, install and use the CartThrob Ecommerce System you must have at least some experience with ExpressionEngine template tags and development. To use advanced features of CartThrob, you must also have some basic knowledge of HTML forms and post actions. Experience with jQuery or javascript is also required if you plan to use CartThrob to work with AJAX calls. Advanced experience with PHP is required to develop shipping and gateway plugins (relax, we've included some popular ones already). You can find more details about developing these plugins in our Developers' section. You must also be comfortable using FTP to upload files to your website.


You must have javascript capabilities within your web browser to use CartThrob's configuration extension. You must have extensions enabled, and you must have the jQuery for the Control Panel extension installed and configured as well.


cURL must be installed for several of the most common payment gateways to work (including If you do not have cURL installed on your server, ask your host for more information about cURL, install it yourself, or ask your IT department (cURL is free) or get a new webhost. We recommend Liquid Web, Amazon EC2, and Arcustech. If you really have no way to use cURL, please contact us and we'll see what we can do for you.