Jump to content


Photo
- - - - -

Problem with SSL protected pages

SSL WordPress HTTPS

Best Answer Simon_P , 05 February 2013 - 09:24 PM

The css is all https:// now. If you view the source of your page and search for http:// you'll find the favicon and the logo, both these need to be changed to ssl if your going to use them.

Go to the full post


  • Please log in to reply
22 replies to this topic

#1 Advocate

Advocate

    Member

  • Members

  • 24 posts
  • Country: Country Flag

Posted 01 February 2013 - 03:47 PM

Hello PageLines Experts,


I am having an issue getting SSL pages to display properly as secured pages.  I only want certain pages to be SSL protected; consequently, I am using the WordPress HTTPS plugin Version 3.3.0 (which is activated).  


I have updated versions of PageLines and WordPress.  


I am using the IBlogPro5 theme.


I have saved the permalinks.  


I have reviewed Simon's code here:  


Please Login or Register to see this Hidden Content


I have attempted to paste the code to functions.php file of IBlogPro5 file (I am assuming that is where he wants the code) and saved the file.  It didn't resolve the issue; so, I removed the code from the function.php file.  BTW:  I did not see a functions.php file for the WordPress HTTPS plugin.  Perhaps, it is buried somewhere.  


Chrome attempts to display the page but all Pagelines formatting is lost and there is no indicator that the page is secure.  Firefox, IE, and Safari will display the page(s) with correct formatting and with the https:// in the address bar but there is NO "lock" to indicate that the page is secure.  This suggests to me that the page is not secure.  


I do have an SSL certificate from my web host.  It is installed.  When I switch from the iBlogProg5 theme to the generic Twenty Twelve theme the SSL pages display just fine with the https:// AND WITH THE LOCK to indicate that the page is secure.  


Any thoughts?

 

Update:  I reread the above post by Simon:  

Please Login or Register to see this Hidden Content

and added his code to the functions.php file of the pagelines customize plugin which is active and still I am having no luck.  

 

 

<?php
/**
 * PageLines Customize functions.php.
 *
 * @author Simon Prosser
 */
/*
// ---- ADDING NEW TEMPLATES ---- //
 
    Want another page template for drag and drop? Easy :)
    1. Add File called page.[page-id].php to this folder.
    2. Add Template Name: Your Page Name to that file ( see page.base.php for an example. )
    3. Thats it! We do the rest for you!
    
// ---- ADDING NEW SECTIONS ---- //
 
    Adding new sections is really easy in 2.0
    1. Copy your section.[sectionname].php file into the sections folder
    2. It will be auto loaded for you.
    3. You can now enable/disable the section in the extensions menu.
 
// FILTERS EXAMPLE ---------//
 
    // The following filter will add the font  Ubuntu into the font array $thefoundry.
    // This makes the font available to the framework and the user via the admin panel.
*/
add_filter ( 'pagelines_foundry', 'my_google_font' );
 
function my_google_font( $thefoundry ) {
    $myfont = array( 'Ubuntu' => array(
            'name' => 'Ubuntu',
            'family' => '"Ubuntu", arial, serif',
            'web_safe' => true,
            'google' => true,
            'monospace' => false
            )
        );
    return array_merge( $thefoundry, $myfont );
}
add_filter( 'pless_vars', 'make_ssl_vars' );
   add_action( 'pl_force_ssl', '__return_true' );
    
   function make_ssl_vars( $vars ) {
    
       $vars['plSectionsRoot'] = str_replace( 'http://', 'https://', $vars['plSectionsRoot'] );
           $vars['plRoot'] = str_replace( 'http://', 'https://', $vars['plRoot'] );
       return $vars;
   }
/*
// ====================================================
// = YOUR FUNCTIONS - Where you should add your code  =
// ====================================================
*/

  • Stojerbtrog likes this

#2 Rob

Rob

    One Smart Egg

  • Members
  • 13575 posts
  • LocationEast Coast, USA
  • Framework Version:The Latest, of course
  • Country: Country Flag

Posted 01 February 2013 - 10:23 PM

Hi,

 

Chrome, as opposed to other browsers, has unique and special settings for dealing with SSL.

Here are some links that will explain what to do and how this works.

 

1. 

Please Login or Register to see this Hidden Content

.

2. 

Please Login or Register to see this Hidden Content

3. 

Please Login or Register to see this Hidden Content



#3 Advocate

Advocate

    Member

  • Members

  • 24 posts
  • Country: Country Flag

Posted 02 February 2013 - 12:05 AM

Hello One Smart,


Thank you for taking time to respond to my issue.  I have gone through your example and have the following thing to add:


Chrome and Firefox (as well as IE and Safari) all display the pages as SSL (https:// and with the lock) if I change the theme from iBlogPro5 to a generic WordPress theme (ie Twenty Twelve).  I don't have to go through any special browser setting changes in Chrome or Firefox to get the page to display correctly as long as I am using a basic theme.  Based on what I see in the forums, it looks like there may be some issue with how SSL is handling css, fonts, and/or Java (if Pagelines uses Java) in the PageLines Theme.  I have tried to read Simon's explanations, but I am unable to resolve the issue.  


My issue seems to track very closely to this one which has not been marked as resolved.  I even tried to send this user a private message to see if/how he/she resolved it.  


Please Login or Register to see this Hidden Content



#4 Rob

Rob

    One Smart Egg

  • Members
  • 13575 posts
  • LocationEast Coast, USA
  • Framework Version:The Latest, of course
  • Country: Country Flag

Posted 02 February 2013 - 04:22 AM

Hi,

 

The majority of topics in our forum remain unresolved or open.  That one isn't too old, so the solution provided should work. If a client doesn't reply for some time, usually they've accepted the solution.



#5 Advocate

Advocate

    Member

  • Members

  • 24 posts
  • Country: Country Flag

Posted 03 February 2013 - 09:32 AM

Hello One Smart,

 

Thanks again for replying.  I still have not heard back from the other poster.  However, my issue remains.  I am able to get correct SSL display (with the padlock) if I use the generic theme.  Once I switch to Pagelines, I no longer get the padlock.  I suspect there is some coding needed to resolve this. 

 

Perhaps, I can ask more generically, "How do most people secure their pages?"  The site is hosted with GoDaddy (one of the largest hosts).  The SSL is from them.  It is installed by them.  I would like to secure certain pages on the site using a Pagelines theme (again I can secure any page if I use the Twenty Twelve theme without an issue).

 

I am no Pagelines/design/CSS expert, but my minds eye is telling me that the some "insecure" elements are being passed when I implement the Pagelines theme.   I tried to follow Simon's work around (code).  I even included a copy and paste of the file (above).  Still, I am stumped.  

 

Do you all have a white paper on implementing SSL on certain pages?  I would think this would be a pretty standard request (for forms, wp-admin logins, etc...).  



#6 mackenzie

mackenzie

    Advocate

  • Members
  • 333 posts
  • Country: Country Flag

Posted 05 February 2013 - 05:57 PM

Have you heard back from the poster or from another staff member directly?



#7 Simon_P

Simon_P

    Messer

  • Administrators



  • 8388607 posts
  • LocationDevon
  • Framework Version:2.1.1
  • Country: Country Flag

Posted 05 February 2013 - 06:23 PM

Please provide a URL for the site with the problem, your private support URL just redirects to godaddy.

Im assuming your site is

Please Login or Register to see this Hidden Content

from open tickets and now even posts on the wordpress forums.

If this is the site in question then the reason the css is not included on chrome is that the https:// css url is redirected by your server to http:// so the browser sees it as a 404.

 

Firefox is intelligent enough to ignore this server misconfiguration.

 

So in closing, you need to make sure that the css can be loaded as a https://

This is a server misconfiguration.

 

If the site is fully SSL then the framework will make all urls

Please Login or Register to see this Hidden Content



#8 CNVI

CNVI

    Member

  • Members


  • 27 posts
  • Framework Version:DMS2
  • Country: Country Flag

Posted 05 February 2013 - 07:08 PM

We've having a similar problem on a site we just updated to Pagelines 2.4 / iBlogPro 5.1.1.  

 

It's displaying correctly in Safari / Firefox, but the sidebar's and footer boxes are stacking below the content -- as if the page things it's displaying on a mobile browser.

 

W3C validated correctly, have tried disabling all plugins.

 

Please Login or Register to see this Hidden Content



#9 catrina

catrina

    Advocate

  • Members
  • 12345 posts
  • LocationCalifornia
  • Country: Country Flag

Posted 05 February 2013 - 07:42 PM

@cnvi Please post your issue in a new topic so that we don't get solutions and responses mixed up. :)



#10 Advocate

Advocate

    Member

  • Members

  • 24 posts
  • Country: Country Flag

Posted 05 February 2013 - 07:42 PM

Thank you Simon and MacKenzie for taking a look.  

 

Yes, the site in question is:  

Please Login or Register to see this Hidden Content

 

I would like to be able to make certain pages SSL (encrypted) - not the entire site.  

 

I have added another page.  The original Sample Page still keeps the SSL and I am unable to get that page to load correctly.  The new page that I have added (Another Sample Page) does not have SSL on it and loads correctly.  If I use another Framework/theme combination (ie Studio Press), the site works fine (meaning I am able to SSL protect individual pages).  The site also works fine if I use the Generic Twenty Twelve theme from WordPress.  

 

Simon, I am using GoDaddy as my webhost.  I am willing to accept you position that it is "server misconfiguration".  Though I have talked with them several times, I am more than willing to talk to them again.  When I call them, what exactly should I say (or ask of them) to resolve this?  "I need to be able to load css using https:// please configure the server accordingly."  Would that do it or is there something else I should be asking?  Again, the end result is:  I want to SSL protect certain pages (like I can in Twenty Twelve or Studio Press) not the entire site.  Though I would like to get this resolved using GoDaddy, it is for a client site, does your hosting services automatically allow what it is I am trying to do.  If so, I will push other clients your way b/c the time and effort I have spent trying to resolve this is more than I can stand to do again.  :)  



#11 Simon_P

Simon_P

    Messer

  • Administrators



  • 8388607 posts
  • LocationDevon
  • Framework Version:2.1.1
  • Country: Country Flag

Posted 05 February 2013 - 07:49 PM

Please Login or Register to see this Hidden Content

 If you look at the source of your page.. I'll use screenshots here so you can see... 

Please Login or Register to see this Hidden Content

 

 

Please Login or Register to see this Hidden Content

 Yes your problem is identical, view the source of your page, click the css link and watch the browser be redirected to non-ssl.


#12 Advocate

Advocate

    Member

  • Members

  • 24 posts
  • Country: Country Flag

Posted 05 February 2013 - 07:49 PM

CNVI - if you need to contact me, please private message me.  Also, please share your webhost.  I have looked in the GoDaddy forums for CSS/SSL/WordPress issues and have not found much.  Unfortunately, I don't have much to share in the form of solutions, but I will gladly share ALL that I have done in hopes of saving you some time.  No stone has gone unturned.  Good luck.  



#13 Simon_P

Simon_P

    Messer

  • Administrators



  • 8388607 posts
  • LocationDevon
  • Framework Version:2.1.1
  • Country: Country Flag

Posted 05 February 2013 - 07:52 PM

Please Login or Register to see this Hidden Content

 
is your site set to SSL in the wordpress main settings? If your whole site is supposed to be ssl you dont need a plugin, just change the site url to https:// and EVERY url will respect it automatically.

#14 Advocate

Advocate

    Member

  • Members

  • 24 posts
  • Country: Country Flag

Posted 05 February 2013 - 08:16 PM

Hello Simon,

 

As you have seen, I have also posted to the WordPress forum about the WordPress HTTPS plugin.  

 

That said, I have disabled that plugin (as I did with your tech support last night).  When I do that, I get a partially encrypted page, but the page does keep the formatting which is better than before.  

 

Also, when I double click on the css URL that you highlighted in your screen shot (above), the css now remains https://

 

My question now is:  How do I go about encrypting those elements that aren't presently encrypted?  



#15 Simon_P

Simon_P

    Messer

  • Administrators



  • 8388607 posts
  • LocationDevon
  • Framework Version:2.1.1
  • Country: Country Flag

Posted 05 February 2013 - 08:21 PM

I just looked and I see no change, if your going to disable something at least give us a chance to see it too.

 

Just add this to the customize plugin functions.php:

 

 

 

Please Login or Register to see this Hidden Content

Then click flush css, or click SAVE on any PageLines admin page. This will rebuild the css cached file.



#16 Advocate

Advocate

    Member

  • Members

  • 24 posts
  • Country: Country Flag

Posted 05 February 2013 - 09:09 PM

Hello Simon,

 

Thanks for all of your help.  When I said I disabled WordPress HTTPS, I did it then and I never re-enabled.  It is still disabled.  When I look at the Sample Page I do see a change like I saw last night when I disabled it temporarily.  Now (like last night), I have ALL formatting intact, but I have partial encryption.  I would like to have complete encryption of the page.  

 

I went into the PageLines console and randomly saved several things (in hopes of flushing the css).  I have also added the code that you suggest and now my customize pagelines functions.php file appears as follow (between the comment outs), but I still have partial encryption:  

 

 

*/
add_filter ( 'pagelines_foundry', 'my_google_font' );
 
function my_google_font( $thefoundry ) {
    $myfont = array( 'Ubuntu' => array(
            'name' => 'Ubuntu',
            'family' => '"Ubuntu", arial, serif',
            'web_safe' => true,
            'google' => true,
            'monospace' => false
            )
        );
    return array_merge( $thefoundry, $myfont );
}
add_filter( 'pless_vars', 'make_ssl_vars' );
add_action( 'pl_force_ssl', '__return_true' );
     
function make_ssl_vars( $vars ) {
    $vars['plSectionsRoot'] = str_replace( 'http://', 'https://', $vars['plSectionsRoot'] );
    $vars['plRoot'] = str_replace( 'http://', 'https://', $vars['plRoot'] );
    return $vars;
}
/*


#17 Simon_P

Simon_P

    Messer

  • Administrators



  • 8388607 posts
  • LocationDevon
  • Framework Version:2.1.1
  • Country: Country Flag

Posted 05 February 2013 - 09:24 PM   Best Answer

The css is all https:// now. If you view the source of your page and search for http:// you'll find the favicon and the logo, both these need to be changed to ssl if your going to use them.



#18 Advocate

Advocate

    Member

  • Members

  • 24 posts
  • Country: Country Flag

Posted 05 February 2013 - 09:53 PM

Hello Simon,

 

I think we (really you) may have done it.  I want to do a couple more tests this evening.  Assuming all goes well and I expect that it will, I will mark this thread as closed.  No matter what my testing tonight shows, thanks for your help today.  



#19 Advocate

Advocate

    Member

  • Members

  • 24 posts
  • Country: Country Flag

Posted 06 February 2013 - 04:51 AM

Hello Simon,

 

I have tested and retested and found that with your help I can I get the page to display securely.  For that, thanks.  However, every hyperlink after that becomes SSL encrypted (which I don't want).  For example, if you picked Menu 1 b (under 1 a) and went to the address bar and put in the https:// prefix, the page will secure without issue, but if you scroll over (or click on) any of the other menu items they too are now encrypted.  How can I have a specific page encrypted, but if I click on anyone other menu item, those other menu items display as unencrypted (like I would be able to do with WordPress HTTPS and another theme like the generic Twenty Twelve)?  



#20 Simon_P

Simon_P

    Messer

  • Administrators



  • 8388607 posts
  • LocationDevon
  • Framework Version:2.1.1
  • Country: Country Flag

Posted 06 February 2013 - 06:34 PM

Reason is simple, your letting WP create your menus automagically for the pages... 

 

 

If you create a menu, then assign it you can make the links whatever you want. http:// or https://







Also tagged with one or more of these keywords: SSL, WordPress HTTPS