Page 2 of 2
Re: https warning
Posted: Fri Oct 19, 2018 4:18 am
by andyk1
Windows I.E. browser is no longer supported. FF and Chrome should work. Is it a paid SSL or one assigned by the Host server? Most free SSL certs don't work correctly. Some do.
Also if you do not have an index.html in your route you should create one. It is useful if someone just types
http://your site name or types only your site name with out http or www. directs them to the correct starting point on your site.
Andy
Re: https warning
Posted: Fri Oct 19, 2018 7:04 am
by polbrieuc
WessexWeather wrote: ↑Thu Oct 18, 2018 5:09 pm
Thanks for the replies. I changed to https in the main settings immediately, and I don’t have an index.html...
I’m still only getting a partially secure page though.
The only browser that’s reads my site as secure is Firefox.
It’s probably due to other insecure scripts or links within my site, but the warnings may put some users off from visiting.
Very frustrating.
Securing your site will often not be enough to remove the "mixed content" warnings that your users may experience when navigating your pages.
Some blocks or plugins will use links to external resources that may not be secure (http instead of https).
There is not much you can do except remove the conflicting blocks from our page or modify them to make them secure.
If you go down the road of modifying them, you will need to replace "
http:" by "
https:" for every link in the code.
Note that while this works perfectly for some blocks, there are some cases where you will still have an issue :
- If the external resource is not available on a secure url (like warningsEURegions or ligthning) : nothing you can do except remove it (well actually you could use a proxy but that's for a different conversation)
- if the external resource link is obtained from another external resource (like nasaImg which get a list of images from a RSS feed) : you need to programmatically replace http by https (example from the nasaImg block ) :
Code: Select all
<img src="<?php echo str_replace("http:","https:",$imgLink)?>" style="" id="mainNasaImg">
$("#nasaImgWindow").html("<div style='width:98%;margin:0 auto;text-align:center'><img src='"+urlImg.replace("http:","https:")+"' style='width:100%'></div>");
Re: https warning
Posted: Fri Oct 19, 2018 7:41 am
by WessexWeather
Thanks polbrieuc,
I figured as much. Since securing my site with Cloudflare I have noticed a few odd things happening, like my webcam only updating every hour or two rather than every 5 minutes, as well as these mixed content errors.
I have therefore unsecured the site again, and will put up with poor Google listing priority!
Re: https warning
Posted: Wed Oct 31, 2018 11:35 pm
by Jachym
It is a bit unfortunate that Chrome/FF do this. It should only be shown as "insecure" on pages, where you actually enter some info. Static pages like MT, which are just "read" are not really "not secure", there is nothing secure being sent. Im not at all against https, but in some cases it is irrelevant. The problem is that as mentioned above, some sources are only available as http, in which case there is not much you can do other than remove that block/plugin. If you only use the basic features related to your PWS, it will work fine.
Re: https warning
Posted: Mon Dec 31, 2018 8:12 pm
by Dehatter
Just a a note, I looked at the secure sites for everyone in this post and none of them are showing a padlock.
I personally don't want to go to all the trouble (even a little bit of trouble) if I don't get a padlock. I mean what is the point if your site is still considered not secure even with SSL?
Tom