Website logo breaks SSL on checkout and account pages

[Saskia]

I’m sure you guys are aware of this issue as it’s come up before, but I thought I’d post this screencast video just to remind that it’s still causing problems.

In the video you can see the site links are all HTTPS except for the logo image. Once I remove the logo image, everything works fine. Put it back, and SSL is broken again. It seems there is no HTTPS check when fetching the logo image file.

My site is using SSL on the checkout and account pages only. I saw another thread where you suggested to set the website address as HTTPS, but I don’t want to run the entire site through SSL because of the unnecessary overheads.

Any chance of this being fixed at some stage in a future update?

Attachments:

You must be logged in to view attached files.

[Rui Guerreiro – SUPPORT]

Hi,

Like was told in the other topic, since you have HTTPS you should have everything in HTTPS specially those 2 address url in General Settings.

That configuration you have at the moment will could cause several problems because the plugins/themes use the WordPress address to build the full url.

-Rui

[Saskia]

Hi Rui,

Thanks for your feedback.

Since it was only the logo which was causing the issue I decided to fix the problem myself. In the sf-header.php file there is this code:

// Standard Logo
 if ( isset( $sf_options['logo_upload'] ) ) {
     $logo = $sf_options['logo_upload'];
     }

I simply added an extra line of code to check for ssl, so it looks like:

// Standard Logo
if ( isset( $sf_options['logo_upload'] ) ) {
    $logo = $sf_options['logo_upload'];
        if (is_ssl()) { $logo = str_replace( 'http:', 'https:', $logo ); }
    }

And now it works perfectly. The checkout and account pages use SSL without problems.

[Rui Guerreiro – SUPPORT]

Hi,

I don’t doubt that works, but you can run with several other problems if you don’t set the urls correctly. Google maps, etc

The WordPress themes should work on both protocols without changing the code.
The important is that is sorted for you.

-Rui

[maratino]

It works, just had the same problem and changed the modified “function sf_logo” into my child’s functions.php. Switching the whole site to https is not an option because of Google.

[David Martin – Support]

Glad it helped you also.
-David.

[ctingom]

I have this issue as well, but here’s the other elements that are insecure:

Favicon
Logo
Retina Logo
Background Texture

[ctingom]

Solved. For anyone else with WP Engine and HTTPS, these settings solved the issue and the logo loaded in secure mode.

Attachments:

You must be logged in to view attached files.

[David Martin – Support]

Thanks for posting those settings, that is really useful for other users. WP-Engine rocks!

– David.

[Dev23847]

Is “WP Engine” a plugin? Can you kindly send link.

[David Martin – Support]

WPEngine is a hosting provider for WordPress.

Thanks.