Cart dropping all items / cart session clears

Are you using Varnish on the server?

We've seen a number of implementations where people strip the cookie BEFORE fetching on static content (images/css/js) - so if the image/js/css doesn't exist; it loads the Magento bootstrap and 404's - this stripping the cookie and site session entirely.

On our cPanel boxes, missing assets were serving the entire Magento page.

cPanel's defaults to ErrorDocument 404 /404.shtml but /404.shtml doesn't exist in Magento's document root, so the .htaccess gets executed again and redirects /404.shtml to index.php (using mod_rewrite).

Magento's default .htaccess should specify 404, 500, and other error handlers explicitly.

To fix this beahviour, we added the following to our .htaccess:

ErrorDocument 404 /errors/404.php

We probably should also add 500s as well:

ErrorDocument 500 /errors/500.php

One problem might be that Magento is not saving the session data when switching from HTTP to HTTPS. Make sure that the necessary settings for SSL etc. are set up properly.

Another problem it might be that the customer's ISP is changing their ip address, as documented here.

To fix this issue:

Change the Session Validation settings in the Magento Admin, found under System > Configurations > Web, to ‘no’ on everything except “Validate HTTP_USER_AGENT.” After doing this, go to System > Cache Management and refresh the configuration cache to apply the changes.