• 0

Problem with SSL protected pages


Question

Posted · Report post

Hello PageLines Experts,


I am having an issue getting SSL pages to display properly as secured pages.  I only want certain pages to be SSL protected; consequently, I am using the WordPress HTTPS plugin Version 3.3.0 (which is activated).  


I have updated versions of PageLines and WordPress.  


I am using the IBlogPro5 theme.


I have saved the permalinks.  


I have reviewed Simon's code here:  


http://www.pagelines.com/forum/topic/20593-https-issue/#entry120071


I have attempted to paste the code to functions.php file of IBlogPro5 file (I am assuming that is where he wants the code) and saved the file.  It didn't resolve the issue; so, I removed the code from the function.php file.  BTW:  I did not see a functions.php file for the WordPress HTTPS plugin.  Perhaps, it is buried somewhere.  


Chrome attempts to display the page but all Pagelines formatting is lost and there is no indicator that the page is secure.  Firefox, IE, and Safari will display the page(s) with correct formatting and with the https:// in the address bar but there is NO "lock" to indicate that the page is secure.  This suggests to me that the page is not secure.  


I do have an SSL certificate from my web host.  It is installed.  When I switch from the iBlogProg5 theme to the generic Twenty Twelve theme the SSL pages display just fine with the https:// AND WITH THE LOCK to indicate that the page is secure.  


Any thoughts?

 

Update:  I reread the above post by Simon:  http://www.pagelines.com/forum/topic/20593-https-issue/#entry120071 and added his code to the functions.php file of the pagelines customize plugin which is active and still I am having no luck.  

 

 

<?php
/**
 * PageLines Customize functions.php.
 *
 * @author Simon Prosser
 */
/*
// ---- ADDING NEW TEMPLATES ---- //
 
    Want another page template for drag and drop? Easy :)
    1. Add File called page.[page-id].php to this folder.
    2. Add Template Name: Your Page Name to that file ( see page.base.php for an example. )
    3. Thats it! We do the rest for you!
    
// ---- ADDING NEW SECTIONS ---- //
 
    Adding new sections is really easy in 2.0
    1. Copy your section.[sectionname].php file into the sections folder
    2. It will be auto loaded for you.
    3. You can now enable/disable the section in the extensions menu.
 
// FILTERS EXAMPLE ---------//
 
    // The following filter will add the font  Ubuntu into the font array $thefoundry.
    // This makes the font available to the framework and the user via the admin panel.
*/
add_filter ( 'pagelines_foundry', 'my_google_font' );
 
function my_google_font( $thefoundry ) {
    $myfont = array( 'Ubuntu' => array(
            'name' => 'Ubuntu',
            'family' => '"Ubuntu", arial, serif',
            'web_safe' => true,
            'google' => true,
            'monospace' => false
            )
        );
    return array_merge( $thefoundry, $myfont );
}
add_filter( 'pless_vars', 'make_ssl_vars' );
   add_action( 'pl_force_ssl', '__return_true' );
    
   function make_ssl_vars( $vars ) {
    
       $vars['plSectionsRoot'] = str_replace( 'http://', 'https://', $vars['plSectionsRoot'] );
           $vars['plRoot'] = str_replace( 'http://', 'https://', $vars['plRoot'] );
       return $vars;
   }
/*
// ====================================================
// = YOUR FUNCTIONS - Where you should add your code  =
// ====================================================
*/
1 person likes this

Share this post


Link to post
Share on other sites

22 answers to this question

  • 0

Posted · Report post

The css is all https:// now. If you view the source of your page and search for http:// you'll find the favicon and the logo, both these need to be changed to ssl if your going to use them.

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Hi,

 

Chrome, as opposed to other browsers, has unique and special settings for dealing with SSL.

Here are some links that will explain what to do and how this works.

 

1.  Install SSL Root Certificate for Chrome.

2.  Advanced Security Settings - Chrome

3.  How are Chrome and Firefox validating ssl certificates

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Hello One Smart,


Thank you for taking time to respond to my issue.  I have gone through your example and have the following thing to add:


Chrome and Firefox (as well as IE and Safari) all display the pages as SSL (https:// and with the lock) if I change the theme from iBlogPro5 to a generic WordPress theme (ie Twenty Twelve).  I don't have to go through any special browser setting changes in Chrome or Firefox to get the page to display correctly as long as I am using a basic theme.  Based on what I see in the forums, it looks like there may be some issue with how SSL is handling css, fonts, and/or Java (if Pagelines uses Java) in the PageLines Theme.  I have tried to read Simon's explanations, but I am unable to resolve the issue.  


My issue seems to track very closely to this one which has not been marked as resolved.  I even tried to send this user a private message to see if/how he/she resolved it.  


http://www.pagelines.com/forum/topic/20593-https-issue/

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Hi,

 

The majority of topics in our forum remain unresolved or open.  That one isn't too old, so the solution provided should work. If a client doesn't reply for some time, usually they've accepted the solution.

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Hello One Smart,

 

Thanks again for replying.  I still have not heard back from the other poster.  However, my issue remains.  I am able to get correct SSL display (with the padlock) if I use the generic theme.  Once I switch to Pagelines, I no longer get the padlock.  I suspect there is some coding needed to resolve this. 

 

Perhaps, I can ask more generically, "How do most people secure their pages?"  The site is hosted with GoDaddy (one of the largest hosts).  The SSL is from them.  It is installed by them.  I would like to secure certain pages on the site using a Pagelines theme (again I can secure any page if I use the Twenty Twelve theme without an issue).

 

I am no Pagelines/design/CSS expert, but my minds eye is telling me that the some "insecure" elements are being passed when I implement the Pagelines theme.   I tried to follow Simon's work around (code).  I even included a copy and paste of the file (above).  Still, I am stumped.  

 

Do you all have a white paper on implementing SSL on certain pages?  I would think this would be a pretty standard request (for forms, wp-admin logins, etc...).  

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Have you heard back from the poster or from another staff member directly?

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Please provide a URL for the site with the problem, your private support URL just redirects to godaddy.

Im assuming your site is https://www.mycomputervirus.com/sample-page/ from open tickets and now even posts on the wordpress forums.

If this is the site in question then the reason the css is not included on chrome is that the https:// css url is redirected by your server to http:// so the browser sees it as a 404.

 

Firefox is intelligent enough to ignore this server misconfiguration.

 

So in closing, you need to make sure that the css can be loaded as a https://

This is a server misconfiguration.

 

If the site is fully SSL then the framework will make all urls https:// 

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

We've having a similar problem on a site we just updated to Pagelines 2.4 / iBlogPro 5.1.1.  

 

It's displaying correctly in Safari / Firefox, but the sidebar's and footer boxes are stacking below the content -- as if the page things it's displaying on a mobile browser.

 

W3C validated correctly, have tried disabling all plugins.

 

https://www.txtdirector.com

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

@cnvi Please post your issue in a new topic so that we don't get solutions and responses mixed up. :)

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Thank you Simon and MacKenzie for taking a look.  

 

Yes, the site in question is:  http://www.mycomputervirus.com

 

I would like to be able to make certain pages SSL (encrypted) - not the entire site.  

 

I have added another page.  The original Sample Page still keeps the SSL and I am unable to get that page to load correctly.  The new page that I have added (Another Sample Page) does not have SSL on it and loads correctly.  If I use another Framework/theme combination (ie Studio Press), the site works fine (meaning I am able to SSL protect individual pages).  The site also works fine if I use the Generic Twenty Twelve theme from WordPress.  

 

Simon, I am using GoDaddy as my webhost.  I am willing to accept you position that it is "server misconfiguration".  Though I have talked with them several times, I am more than willing to talk to them again.  When I call them, what exactly should I say (or ask of them) to resolve this?  "I need to be able to load css using https:// please configure the server accordingly."  Would that do it or is there something else I should be asking?  Again, the end result is:  I want to SSL protect certain pages (like I can in Twenty Twelve or Studio Press) not the entire site.  Though I would like to get this resolved using GoDaddy, it is for a client site, does your hosting services automatically allow what it is I am trying to do.  If so, I will push other clients your way b/c the time and effort I have spent trying to resolve this is more than I can stand to do again.  :)  

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

PersonofInterest If you look at the source of your page.. I'll use screenshots here so you can see... http://screencast.com/t/1lLmSdx9

 

 

cnvi Yes your problem is identical, view the source of your page, click the css link and watch the browser be redirected to non-ssl.

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

CNVI - if you need to contact me, please private message me.  Also, please share your webhost.  I have looked in the GoDaddy forums for CSS/SSL/WordPress issues and have not found much.  Unfortunately, I don't have much to share in the form of solutions, but I will gladly share ALL that I have done in hopes of saving you some time.  No stone has gone unturned.  Good luck.  

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

cnvi is your site set to SSL in the wordpress main settings? If your whole site is supposed to be ssl you dont need a plugin, just change the site url to https:// and EVERY url will respect it automatically.

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Hello Simon,

 

As you have seen, I have also posted to the WordPress forum about the WordPress HTTPS plugin.  

 

That said, I have disabled that plugin (as I did with your tech support last night).  When I do that, I get a partially encrypted page, but the page does keep the formatting which is better than before.  

 

Also, when I double click on the css URL that you highlighted in your screen shot (above), the css now remains https://

 

My question now is:  How do I go about encrypting those elements that aren't presently encrypted?  

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

I just looked and I see no change, if your going to disable something at least give us a chance to see it too.

 

Just add this to the customize plugin functions.php:

 

 

 

add_filter( 'pless_vars', 'make_ssl_vars' );
add_action( 'pl_force_ssl', '__return_true' );
    
function make_ssl_vars( $vars ) {
    $vars['plSectionsRoot'] = str_replace( 'http://', 'https://', $vars['plSectionsRoot'] );
    $vars['plRoot'] = str_replace( 'http://', 'https://', $vars['plRoot'] );
    return $vars;
}
 

Then click flush css, or click SAVE on any PageLines admin page. This will rebuild the css cached file.

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Hello Simon,

 

Thanks for all of your help.  When I said I disabled WordPress HTTPS, I did it then and I never re-enabled.  It is still disabled.  When I look at the Sample Page I do see a change like I saw last night when I disabled it temporarily.  Now (like last night), I have ALL formatting intact, but I have partial encryption.  I would like to have complete encryption of the page.  

 

I went into the PageLines console and randomly saved several things (in hopes of flushing the css).  I have also added the code that you suggest and now my customize pagelines functions.php file appears as follow (between the comment outs), but I still have partial encryption:  

 

 

*/
add_filter ( 'pagelines_foundry', 'my_google_font' );
 
function my_google_font( $thefoundry ) {
    $myfont = array( 'Ubuntu' => array(
            'name' => 'Ubuntu',
            'family' => '"Ubuntu", arial, serif',
            'web_safe' => true,
            'google' => true,
            'monospace' => false
            )
        );
    return array_merge( $thefoundry, $myfont );
}
add_filter( 'pless_vars', 'make_ssl_vars' );
add_action( 'pl_force_ssl', '__return_true' );
     
function make_ssl_vars( $vars ) {
    $vars['plSectionsRoot'] = str_replace( 'http://', 'https://', $vars['plSectionsRoot'] );
    $vars['plRoot'] = str_replace( 'http://', 'https://', $vars['plRoot'] );
    return $vars;
}
/*

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Hello Simon,

 

I think we (really you) may have done it.  I want to do a couple more tests this evening.  Assuming all goes well and I expect that it will, I will mark this thread as closed.  No matter what my testing tonight shows, thanks for your help today.  

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Hello Simon,

 

I have tested and retested and found that with your help I can I get the page to display securely.  For that, thanks.  However, every hyperlink after that becomes SSL encrypted (which I don't want).  For example, if you picked Menu 1 b (under 1 a) and went to the address bar and put in the https:// prefix, the page will secure without issue, but if you scroll over (or click on) any of the other menu items they too are now encrypted.  How can I have a specific page encrypted, but if I click on anyone other menu item, those other menu items display as unencrypted (like I would be able to do with WordPress HTTPS and another theme like the generic Twenty Twelve)?  

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Reason is simple, your letting WP create your menus automagically for the pages... 

 

 

If you create a menu, then assign it you can make the links whatever you want. http:// or https://

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

Works perfectly.  You can mark this closed again for extra emphasis!

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

I don't understand at all why Simon's solution does not work as a "complete" solution. Yes, it corrected some of the problems with the links to CSS, yet it leaves others broken, such as the include to:

 

http://www.mydomain.com/wp-content/themes/pagelines/sections/navbar/navbar.js?ver=3.5.1

 

Why on earth wouldn't it fix that?

 

Also it leaves this include non-ssl also:

 

http://code.jquery.com/jquery-1.9.1.min.js

 

Why would the solution correct many of the http links but not ALL of them?

 

Where would one go within pagelines to manually change the code structure on those links to remove all protocol reference, like they should have been done to start with?

 

Thanks.

Share this post


Link to post
Share on other sites
  • 0

Posted · Report post

For others viewing this post, depending on your hosting and SSL setup, this may benefit you: http://www.pagelinestheme.com/pagelines-dms-ssl-https-wp-engine/

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now