Are you accessing your Admin using HTTPS? Never access your admin using a normal HTTP. Always use the HTTPS at the start of a web address.
To force your admin page to use a HTTPS connection you can modify your shopadmin.asp file.
Open shopadmin.asp (or whatever you have renamed this page to) in any text or html editor
Lines 1 and 2 of this file should read:
!--#include file="shop$db.asp"-->
!--#include file="shopmail.asp"-->
Immediately following these two lines, add the following code to force your admin to load in HTTPS mode:
%
Response.Buffer = True
If (Request.ServerVariables("HTTPS") = "off") Then
Dim xredir__, xqstr__
xredir__ = "https://" & Request.ServerVariables("SERVER_NAME") & _
Request.ServerVariables("SCRIPT_NAME")
xqstr__ = Request.ServerVariables("QUERY_STRING")
if xqstr__ > "" Then xredir__ = xredir__ & "?" & xqstr__
Response.redirect xredir__
End if
%>