SSL Issue

[yas1212]

Hi,

1) I’m trying to force HTTPS redirect on some pages with plugin (plugin works fine with other theme) and its not working with Neighborhood.Normal pages(i mean these I created in admin) are not available via https AT ALL.
My SSL certificate is ok and its not shared hosting.
Pages myaccount, login.admin area – redirect with no problem.
What may cause this issue and how to fix it?

2) Some elements remain unsecure on https – uploads (ex.custom logos which i uploaded via admin area,favicon). Not able to solve it.
I would normally change ‘http://site.com/assets/logo.png’ to ‘//site.com/assets/logo.png’, but can’t figure out where is the code?

Yas

[Melanie – SUPPORT]

Hi, I will forward this to another support staff as SSL is not really my field of expertise.

Cheers!

[Cosmin – SUPPORT]

Hi Yas,

URLs are not hard-coded in the theme, so WP should be able to detect if you’re using SSL without any help. Does it not work if you specify your site address with https:// ? (technically, you wouldn’t need a plugin to do this)

Regards,

————————————————————————————————————

Cosmin
Support Assistant

[digitalife]

I have same issue regarding SSL (https installation)
Firefox and Chrome block theme contents. I can’t fine where url is hard-coded.
I am getting serious security warning from all browsers because there’re unsecure link (http) under https.

[Melanie – SUPPORT]

Hi, did you notice Comin’s comment?

URLs are not hard-coded in the theme, so WP should be able to detect if you’re using SSL without any help. Does it not work if you specify your site address with https:// ? (technically, you wouldn’t need a plugin to do this)

Can you reply to this as well? 🙂

[digitalife]

Hi, did you test it before reply it?

I really hope that the URLs are not hard-coded in the theme. but I found a lot of unsecured links requested on the theme if using SSL. For one example, the background image of this theme requested from unsecured link(http) and all browser will block this theme and get warning “MIXED CONTENT” because of this small unsecured link if they want to use this theme on SSL(https).
Another unsecured link is from Revolution Slider : I removed “@import url(http://fonts.googleapis.com/css?family=Open+Sans:400,800,300,700);” in caption.css
I think revolution slider must be optimized for https users if not, new version of FireFox 23 will block all your theme contents if they use SSL. as I notify regarding this issue, please find every unsecured links(hard-coded or not) in your theme and update it to SSL user. (there are more unsecured link to be fixed) Thank you.

[digitalife]

Finally I found this article.
https://managewp.com/wordpress-ssl-settings-and-how-to-resolve-mixed-content-warnings
Check the article above link if you are having problem with SSL installation.
Thank you for Swift Support.

[yas1212]

Hi Melanie,Cosmin and digitalife,

@Cosmin. My site is down at the moment 🙁 ,once host will resolve issue,I will provide you with access info.

@digitalife. Thanks for reference, I have read that article before posting my question here.

I need to force only a few pages to load via HTTPS. I tried to used plugin WordPress HTTPS (im using it with other theme and it works well), but unfortunately is not working with Neighborhood.Furthermore, pages created in backend redirect to http (for example contact us page),I’m unable to load them via https at all.Admin and woocommerce are loaded via https,but with some insecure elements.

Now regarding how to fix the issue with insecure elements.In mentioned article is stated clear that this issue is caused by hardcoded plugin and/or theme.In my case I do not need to secure pages with third parties plugins like revolution slider etc.,but the theme pages with no plugins.

What I found so far that theme is not handling uploaded images via https. For example logo is one of these insecure elements.With CSS that would be easier for me to fix this issue by changing path to //site.com/uploads/image.png. But in our case images(logo for example) are called from php file and my knowledge of php is very limited.

I would like to request Swift Support once again to review this issue,resolve it with update or provide us with instructions on how to do that.

Thanks.

[oishivila]

Hi,

I’m having exactly the same issues as Yas1212 described. Pages loaded via https:// are presenting errors with unsecure elements that are loading as http://, such as fonts.googleapis.com and custom logo uploaded through the Theme’s Admin Panel. Changing the paths from http:// to // seems to be the alternative fix, if only I knew in which files these infos are being called…

Well, just adding voice to the chorus… I’ll be waiting for an answer to Yas’s problem.

Thanks, and sorry for my bad english (it is not my native language)!

[ovrld]

Yeah – I raised this issue in another thread too.

I haven’t tried it yet on this theme but I’ve used on another site and can work well:

http://wordpress.org/plugins/wordpress-https/installation/

Although, themes should really have unbiased URL prefixes as standard.

[Swift Ideas – Ed]

Hey guys,

If you can follow the above links, and let me know of any URLs that are in the theme causing issues, I will happily check it out.

– Ed

[yas1212]

This reply has been marked as private.

[Swift Ideas – Ed]

This reply has been marked as private.

[ksprague]

We are having exactly the same issue. The URL of the favicon is defaulting to http:, even on pages that have been forced to https. As mentioned by oishivila, google fonts present the same problem.

This means that on otherwise secure (https) pages, there are always at least two page elements (favicon and google fonts) being served non-securely (http). This generates errors in *some* browsers, and scares customers.

And yes, we are using the WordPress HTTPS plugin. It resolves the issue on other sites, but does not resolve the issue when using the Neighborhood theme.

[imjustrestless]

I’ve noticed the same issue and have had some luck, some of the time fixing the problem with the logo being insecure by overwriting some of the entries in the mysql database… though I’ve noticed that this can also cause the entire installation to revert to theme defaults…

I will update further if / when I find a good fix for this as I’ve done it once before, but with the latest upgrade, has reset itself.

**UPDATE** Noticed I had an embeded custom google map on my product page that was causing the page to load mixed content, removed and now things are fine.

I did notice that a pinterest pin-it button was possibly loading some insecure content as well. removed that too