SSL vs Website Content

Hello, I try to add SSL for my website www.areavis.com Everything went by the thought until the time my hosting support wrote that the problem was with CSS and content. How can I fix it? Please help


Here's what my web host wrote:


I have tried adding this to your .htaccess file, but it does something to your CSS and there is basically no styling of your content. The same result happened when trying:

RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Quote · 9 May 2017

Did they change the inc/header.include.php file?

Geeks, making the world a better place
Quote · 9 May 2017

Basically you change the header file to point to https:// of your domain and then you use the rewrite to make sure that if anyone tries to access the site on port 80 it will redirect to port 443

Geeks, making the world a better place
Quote · 9 May 2017

Thank you I send these informations for my server support and they made these changes.


The padlock finally appeared at my internet address. However, unfortunately it does not work well because of the images added from another source that was not SSL protected. What can I do in this case? And how to find such images to remove or add to the server?


Please provide further information.



"The warning that the website is not fully secure is because you linked some images to your site which are transferred over an insecure link.
We recommend you use only local images that you saved to your server or, if you need to use offsite images, to link them through the HTTPS protocol."

Quote · 10 May 2017

Also linking to google fonts using http will cause the same.  If you hardcoded links to images using http then you have to change those links to https.  Any image that can not be accessed through https would need to be removed.  One solution they provided was to download the remote images and link to them on your server.  For example, if you linked to http://remote-site.tld/big_bunny.jpg  then you need to use https://remote-site.tld/big_bunny.jpg and if that does not work then download the file big_bunny.jpg to a directory, say /media/my_images and then you link to that image on your site using https.

Geeks, making the world a better place
Quote · 10 May 2017

So I have to remove links from http or add them just to the end of 's' to be the https prefix? Can the problem also be the 'sites' module? If this is the case then the problem is bigger because my website is providing different content through the 'sites' module and also from the websites without https. I don't even know how many pages and photos I have without https, it's a lot of work to change each page individually and the photo to change from http to https. Is there any automatic way to find all these pages and photos?



I don't know how I can quickly find all of photos linked to http?

Quote · 10 May 2017

A link on a page does not have to be changed.  It is when you load content from a remote site.

Geeks, making the world a better place
Quote · 11 May 2017

So how can I track such content on my website? And remove it? How do I know if it's 1 post or more?


Unfortunately the problem with ssl still occurs. Another problem is that my website with https:// has only 5 shares, and the previous page with a regular http:// had 11.3k shares. How can I restore these shares for https://?

Unfortunately, there is also a problem with the operation of the website every day. For a few minutes it switches to http:// and you can not do anything then, you can not even log in.
Please help.

Quote · 1 Jun 2017

UP

Quote · 5 Jun 2017

 

So how can I track such content on my website? And remove it? How do I know if it's 1 post or more?

 I experienced the same thing when I took a site to SSL.

Lucky for me it was a young site and not many outside requests.

 When hosting an application over HTTPS, there can be no mixed content; that is, all content in the page must be fetched via HTTPS. It is common to see partial HTTPS support on sites, in which the main pages are fetched via HTTPS but some or all of the media elements, stylesheets, and JavaScript in the page are fetched via HTTP.    

 

You're going to have to sort through each page yourself.  Or use something like this

 

https://www.ssllabs.com/ssltest/

 

Unfortunately, many sites today load content from external sites and CDN's that do not support HTTPS. If it's not possible to serve these resources from your own host or another one that supports HTTPS, you should urge these other sites to start supporting HTTPS immediately.

ManOfTeal.COM a Proud UNA site, six years running strong!
Quote · 5 Jun 2017

 

I have tried adding this to your .htaccess file, but it does something to your CSS and there is basically no styling of your content. The same result happened when trying:

RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

 Checking your site you need to remove the "www" where ever you have that.

 

This is what I use in my .htaccess file. I edited for you to use.

RewriteEngine on    RewriteCond %{SERVER_PORT} 80    RewriteRule ^(.*)$ https://areavis.com/$1 [R,L]

ManOfTeal.COM a Proud UNA site, six years running strong!
Quote · 5 Jun 2017

 

Also you can easily view the page source and then select "F3" key and search for "http:" and you will see your problems in an example page > 

 

 

 

view-source:https://www.areavis.com/blogs/entry/Koty-kochaj%C4%85-ludzi-Dowody-empiryczne

 

all these.JPG · 95.7K · 440 views
ManOfTeal.COM a Proud UNA site, six years running strong!
Quote · 5 Jun 2017

Thank you for help newton27! Finally I see for my website green padlock.

I've changed most of the html and css files from http to https. Particularly helpful for me document index.html
Where did i make these changes:


"https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="https://www.w3.org/1999/xhtml">



The last problem with redirecting to https is social sharing. On http I had 11.3 k share (most of which on google +). And now I have 5 for https. How can I redirect this properly? Is there any possibility to change the code in this case? I currently use sumo.com for social sharing. In settings on sumo.com also set up https: // but unfortunately it did not work.

Quote · 8 Jun 2017

 

How can I redirect this properly? Is there any possibility to change the code in this case? I currently use sumo.com for social sharing. In settings on sumo.com also set up https: // but unfortunately it did not work.

 Unfortunately there is no way to salvage those FB likes. Once the page is liked the address of course to link is stored in their databases..

ManOfTeal.COM a Proud UNA site, six years running strong!
Quote · 9 Jun 2017

For me, your site is still showing NOT secure.. and you need to remove the www.

 

You still show some errors.. like the link to your files module.

arev 2 file link.JPG · 31.9K · 391 views
ManOfTeal.COM a Proud UNA site, six years running strong!
Quote · 9 Jun 2017

 

Unfortunately there is no way to salvage those FB likes. Once the page is liked the address of course to link is stored in their databases..

But that shouldn't matter; if someone clicks on a share link to the http site, the server will redirect to the share link on the https so any shared links out there will still find its way to your content.

Geeks, making the world a better place
Quote · 10 Jun 2017

 

But that shouldn't matter; if someone clicks on a share link to the http site, the server will redirect to the share link on the https so any shared links out there will still find its way to your content.

 But it does. FB stores the past links / page links as full URL, if the link has changed FB will not transfer this.

I've been through it on many sites.

 

Moral of the story is if your serious about a social site with private content then you need to start the site with SSL and not do it later..

ManOfTeal.COM a Proud UNA site, six years running strong!
Quote · 10 Jun 2017

 

 

But that shouldn't matter; if someone clicks on a share link to the http site, the server will redirect to the share link on the https so any shared links out there will still find its way to your content.

 But it does. FB stores the past links / page links as full URL, if the link has changed FB will not transfer this.

I've been through it on many sites.

 

Moral of the story is if your serious about a social site with private content then you need to start the site with SSL and not do it later..

I don't see the problem here so you will need to educate me.  If FaceSucks has a link to my content, http://mydomain.tld/images/big_bunny.jpg and I am redirecting to https://mydomian.tld/images/big_bunny.jpg, anyone clicking on the link at FaceSucks will see the big_bunny.jpg.  Now yes, the share counts may be off but that does not matter, what matters is that the links over at FaceSucks still display my content when someone clicks on them.  Are you telling me that someone clicking on the link at FaceSucks won't see my content?

Geeks, making the world a better place
Quote · 12 Jun 2017
 
 
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.