Jump to content


Photo
- - - - -

SSL Certificates WhiteHouse Pro 3


This topic has been archived. This means that you cannot reply to this topic.
6 replies to this topic

#1 gilscapegmailcom

gilscapegmailcom

    Newbie

  • Members
  • Pip
  • 6 posts

Posted 05 October 2010 - 01:19 PM

Hello. I have a question that perhaps someone in the forums, or even the admins, could help me resolve regarding using an SSL Cert with WhiteHouse Pro 3. My issue revolves around figuring out a way to secure two pages (Contact and Support) on my site to use SSL (https://), and have browsers understand that these are fully secure (text, images, etc.) while the rest of the pages are left un-secure (http://). I have already secured the Admin, Login and Registration pages using the define('FORCE_SSL_LOGIN', true); and define('FORCE_SSL_ADMIN', true); values so they are good. Now I just need to figure out how to keep my Contact and Support pages from displaying in a "mixed mode" that causes browsers to either not display the padlock icon in the browser or show some type of security warning. Thanks in advance for any help.

#2 gilscapegmailcom

gilscapegmailcom

    Newbie

  • Members
  • Pip
  • 6 posts

Posted 05 October 2010 - 02:25 PM

For reference to the above request, I forgot to leave the URLs to my site.

Website:

Please Login or Register to see this Hidden Content


Contact page:

Please Login or Register to see this Hidden Content


Support page:

Please Login or Register to see this Hidden Content



#3 cmunns

cmunns

    Advocate

  • Members

  • 6537 posts

Posted 05 October 2010 - 05:50 PM

I'm not entirely sure why the process would only work for admin pages in this case but I dug up this link which references a plugin among other things that may help

Please Login or Register to see this Hidden Content



#4 gilscapegmailcom

gilscapegmailcom

    Newbie

  • Members
  • Pip
  • 6 posts

Posted 05 October 2010 - 10:59 PM

Thanks Adam. I should note that my hosting provider who issued the SSL Cert gave me this bit of advice regarding the specific pages I want to encrypt,

All of the navigation and the subscribe button will need to use https to ensure that the site is secured.


Would there be a way to accomplish this (modifying page .PHP code, etc.) If so which pages in the WP Editor? Thanks!

#5 bryan-hadaway

bryan-hadaway

    Advocate

  • Members
  • PipPipPipPipPip
  • 3697 posts

Posted 06 October 2010 - 07:08 AM

BIG WARNING: If you consider attempting this you would need to backup everything; files, backup theme options/feature setup options to database and then backup the database.

But have you considered going to:

Settings > General

and in both spots there changing:

Please Login or Register to see this Hidden Content



to

Please Login or Register to see this Hidden Content



I give the big warning because I'm not sure what possible negative effects this could possibly have. Ideally, it should just update the .htaccess and URL's in all the files db, but...

Thanks, Bryan

#6 gilscapegmailcom

gilscapegmailcom

    Newbie

  • Members
  • Pip
  • 6 posts

Posted 12 October 2010 - 03:32 PM

Thanks Bryan. I devised a solution by settings up another WP installation in a subdirectory called "ssl" one level down from my main WP install. Then I just imported everything from the main WP install over to the new one and did set the path to SSL as you suggested. I also locked down the Register and Login URLs using the "force SSL" values from the Codex. That said, I removed all pages but the Contact and Support which were the only two that needed to be secured with my SSL Cert. Then I used the custom menu generator in WP 3 to link to the "https://" pages (Contact, Support) in the "ssl" WP install. Finally I have cforms II redirect all users upon successful submission to my "http://" non-ssl WP site. It seems to be working in all browsers and platforms I have tested it on (Windows using IE 8, Mac OS X, using Safari 5, and BlackBerry). I really appreciate everyone's responses and help. High fives and fist bumps!

#7 bryan-hadaway

bryan-hadaway

    Advocate

  • Members
  • PipPipPipPipPip
  • 3697 posts

Posted 13 October 2010 - 04:19 AM

Wow, sounds like a lot of work, nice one. I imagine a safer, more private internet in the future where your IP is protected and everything is https secured by default. I think the biggest myth and worry that most people have about https is that it blocks their site from having PageRank. Thanks, Bryan