Im having an issue with SSL links in Magento.
I have SSL setup and working...all usual settings.
When i view the source of a page, i can still see HTTP links...and this is invalidating the SSL.
The urls in question (relating to currnecy, store switcher, navigation) are all given out by Magento functions. Such as:
getCategoryUrl();
getSwitchCurrencyUrl();
Does anyone know what may be wrong...is their something i may have missed?
Need any more info, pls let me know...
thanks
Shaun
This is a good thing in the fact that it 'help' prevent search engine from seeing links to your catalog and product page as also been https (causing duplicate content). Also to my knowledge, only if you have resources (images, css, js) it will affect (invalidate) your ssl (because of browser cookies). If you view source on a page with ssl magento will automatically convert those resources to https
Related
I am new to Magento, We have one Magento 1.9 version website. Actually I want to change the host, for this, I took all files backup from the server and also exported the database and then I have uploaded all files into another host(Godaddy) and imported the database. Everything working fine at the admin panel or backend pages, but front end pages not loading properly, just its loading header part of the page.
I didn't change anything in the files, I just transferred the files from one host into another hosting, but I don't know why frontend pages are not loading.
Please anyone give me a solution to fix that issue. Please see the below screenshot for reference. Thank you in advance.
This behavior could be due to a PHP error that is not being printed to the screen because of the PHP configuration. Try enabling print error on PHP and see if anything shows up. Contact your provider (Godaddy) for guidance.
Also, ensure that all configuration on admin panel is set. When you upload database and make a new installation, even when uploading the old database, if you do not specify the same old encryption key, some configuration will be missing, for example payment provider tokens and so on.
Check also if your home page CMS still exists and is configured to show on home page. Check this on CMS pages and maybe on your theme configuration.
system -> configuration -> general -> web -> homepage CMS
For any further guidance, would need more details.
I have added ssl to my website https://phone-pedia.com.
lock is only appearing on homepage. On other pages, lock does not appear. I tried to clear cache but issue is still here.
Is it a Laravel issue or ssl problem ?
If mixed content is the problem then why homepage has a lock. ?
Chrome says your site uses sources (such as images) from non-secured origins. You should use in your views the asset_secure helper instead of asset. If you already do, check if you use in other sources from non-secured origins. Otherwise it has to do with your SSL.
You have mixed content on some of your pages. If you look at your browser console you'll see a message like the following:
Mixed Content: The page at 'https://example.com/path' was loaded over HTTPS, but requested an insecure image 'http://example.com/storage/products/images/example.png'. This content should also be served over HTTPS.
You need to serve all of your content over HTTPS.
I am currently experiencing some problems with my Google search implementation due to a recent change to HSTS for my entire shop.
How can I create a Google sitmeap in Magento which uses the 'https://' links instead of 'http://' ?
I have already deleted my sitemap and generated a new one. It still suses http:// links.
In Google search console I see that only 8 of my 45 sites have been indexed so far..
Appreciate your help!
The sitemap links are generated using the {{unsecure_base_url}}. Make sure you change this value from http://yoursite.com to https://yoursite.com found at System->Configuration->Web Unsecure Base URL. Also, make sure both Use Secure URLs in Frontend and Backend options are set to "Yes".
Magento has in built functionality to use https for my account pages , login page and checkout pages. However, we're finding that only the images and script links are dynamically changing to https. All the page links are not changing in these secure area and have http links instead. We are using Magento 1.7
We're looking for a possible answer or some actual help here and are willing to pay for it.
Any suggestions?
I've run into a catch-22 with the search form that hopefully someone can help me with. From any of the secure pages in our Magento store (My Account, Checkout, etc) if you use the mini search form in the header, it takes you to a secure search results page https://oursite.com/catalogsearch/result. This results in a browser warning because there is unsecure content on that page. I thought I could fix this by modifying the CatalogSearch Helper class so that the getResultUrl functions always returns an http: link. However, this results in the browser warning you that you are about to send form data over a non-secure connection. So I can't seem to find a solution that doesn't look dangerous to the user.
Any ideas?
I know this is not the proper EAV/MVC/1000 lines of XML Magento module way of doing it, however, since this is a straightforward http/https problem you can put a couple of lines in .htaccess to get your search box behaving correctly:
RewriteCond %{SERVER_PORT} !^80$
RewriteRule ^catalogsearch http://www.example.com/catalogsearch/ [R=301,L]
The right way to fix this is not to use mixed content on that page. Magento can usually handle any page over HTTPS if it is requested to do so, so find the assets that are hardcoded over http:// and fix them to respect the current protocol properly.
For me the incorrect url got stuck in cache (we had heavy cache on the live server) and that caused the security warning for me. Hope this helps someone.
The question should be - why is this happening?
Doing a search on a non-secure page will yield results on a non-secure page.
After having visted a secure page, searching on a non-secure page will yield results on a secure page - how does this make any sense? What is the purpose of this?