SSL not secure
Permalink
I have installed SSL on my site and while the site comes up with the SSL cert, it shows it being insecure, says there may things like images that are not secure. I have checked the source code and cannot find anything that shouldn't be there, but clearly something is preventing it. You can view the site athttp://frameworksfl.com.
I have slected Pretty URLs and the following in my .htaccess
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME}/index.html !-f
RewriteCond %{REQUEST_FILENAME}/index.php !-f
RewriteRule . index.php [L]
</IfModule>
Also, Canonical Urls =http://frameworksfl.com and Separate SSL URL =http://frameworksfl.com
Any guidance is very appreciated.
I have slected Pretty URLs and the following in my .htaccess
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME}/index.html !-f
RewriteCond %{REQUEST_FILENAME}/index.php !-f
RewriteRule . index.php [L]
</IfModule>
Also, Canonical Urls =http://frameworksfl.com and Separate SSL URL =http://frameworksfl.com
Any guidance is very appreciated.
Try removing the extra whitespace in your theme header so the doctype is the first line.
I've tried everything to move the doctype up, but cannot find the culprit. I've looked at the index.php in the root, the config.php in concrete, the full.php, header.php in the theme. So far, nothing. Any ideas?
Try removing the extra whitespace in your theme header so the doctype is the first line.
Sometimes when you switch over to https, you also need to clear concrete5's cache. Perhaps turn that completely off for a bit and see if that helps.
I normally enforce https through an htaccess change only, I'll add in the two lines here:
I normally enforce https through an htaccess change only, I'll add in the two lines here:
<IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME}/index.html !-f RewriteCond %{REQUEST_FILENAME}/index.php !-f RewriteRule . index.php [L] </IfModule>
I see the bad URL is at: /packages/equinox/themes/equinox/css//
It seem to be referenced all over your main.css and maybe other as: background-image: url('/packages/equinox/themes/equinox/css//')
This is causing all kind of confusion with redirects. Looks like you're also using nginx base on your server response so I don't know if those apache config will work unless you're doing nginx->apache proxy. This is my guess: https -> http proxy and the redirects are result of apache doing http redirect.
Check your equinox theme config for background-image. Make sure it's a good image or don't set one.
It seem to be referenced all over your main.css and maybe other as: background-image: url('/packages/equinox/themes/equinox/css//')
This is causing all kind of confusion with redirects. Looks like you're also using nginx base on your server response so I don't know if those apache config will work unless you're doing nginx->apache proxy. This is my guess: https -> http proxy and the redirects are result of apache doing http redirect.
Check your equinox theme config for background-image. Make sure it's a good image or don't set one.
I had the same issue using the equinox theme. There is a mixed content error when applying https because of this line in packages\equinox\themes\equinox\elements\head.php
to fix copy this file to application\themes\equinox\elements\head.php and change the line to:
<link href='http://fonts.googleapis.com/css?family=Raleway:400,600' rel='stylesheet' type='text/css'>
to fix copy this file to application\themes\equinox\elements\head.php and change the line to:
<link href='//fonts.googleapis.com/css?family=Raleway:400,600' rel='stylesheet' type='text/css'>
Thank you!
The problem you are having is common when you use SSL for the first time. You have URL's that are using http but need to be updated to https or use the relative path to the file.
I ran your site through http://www.whynopadlock.com. That will help you fix the mix content url issues you are having.
Here is the results of your website after being scanned by whynopadlock.com.
https://www.whynopadlock.com/results/f19e4fea-942d-4028-99ae-b40f0bd...
Hope this helps.
I ran your site through http://www.whynopadlock.com. That will help you fix the mix content url issues you are having.
Here is the results of your website after being scanned by whynopadlock.com.
https://www.whynopadlock.com/results/f19e4fea-942d-4028-99ae-b40f0bd...
Hope this helps.
That is a great tool. Thank you for sharing!