Jump to content

Archived

This topic is now archived and is closed to further replies.

dario

Switched to SSL - Can't fix insecure fonts issues

Recommended Posts

dario

Hi,

I switched to SSL and am having issues with my custom fonts. I did search the forum and followed some old threads but none of them seemed to change things.

Using whynopadlock.com on https://www.sightsize.com/, results in 39 insecure items.

All take the form of:

Insecure URL: http://www.sightsize.com/wp-content/themes/sightsize/fonts/HelveticaNeue.eot
Found in: https://www.sightsize.com/wp-content/uploads/pagelines/compiled-css-core-1456973700.css

All the custom fonts (CSS and LESS fallback) are coded like so: src: url('@{plChildRoot} . . .

Any ideas on how I might solve this?

Share this post


Link to post
Share on other sites
dario

Odd.
I checked it on a couple different "is my site down?" websites and all say it's up, worldwide.

As for the main issue, I'm using a child theme and custom fonts.

Share this post


Link to post
Share on other sites
Simon

Well your custom font code needs to be ssl too.

Share this post


Link to post
Share on other sites
dario

Agreed. But does not this (src: url('@{plChildRoot} . . .) in LESS fallback and CSS do that for me?

Or do I need to be explicit there (https://www.sightsize.com/...)?

My ignorance of course.

Share this post


Link to post
Share on other sites
Simon

Depends.. if your site is set to use SSL you wont need to. If you are using some sort of clunk ssl plugin to make certain pages ssl then yes.

Maybe your site is just blocking the UK, but it just times out for me im aftraid.

Share this post


Link to post
Share on other sites
dario

Weird. I'll check with Sucuri.

Nope. No SSL plugins.
As I recall, all I did was add the cert on the server, had Sucuri add a cert on their end, change the WP URLS to https, and find/replace any http left over in the database. I did need to change some of the image URLs within the DMS editor that I had added via the media library. For some reason, they used the full URL (http), instead of [pl_site_url].

Am I correct that I should not do a find/replace on the compiled-css-core file?

Share this post


Link to post
Share on other sites
dario

I've taken CloudFlare out of the mix (Sucuri says that adding that may slow things a bit since their CloudProxy does some CDN-type things).

I've also checked the site via a London server at webpagetest.org. It works but the TTFB is over 5 seconds. From the States it's less than 1.

Share this post


Link to post
Share on other sites
Simon

Well whatever you did, the page loads for me now, and shows all resouces are loading via ssl

Share this post


Link to post
Share on other sites
dario

Fantastic!

Thanks for hanging in there.

Share this post


Link to post
Share on other sites

  • Similar Content

    • marshallsolutions
      By marshallsolutions
      For the site https://marshallsirishpub.com I am running
      Wordpress 4.9.4
      Pagelines base theme 1.0.2
      Pagelines Framework 2.5.0
      The share bar specifically Stumble Upon is causing an error when checking SSL for HTTPS at whynopadlock.com.  Here is the errors shown:
      A file with an insecure url of "http://cdn.stumble-upon.com/js/badge_su.js?v=20120613" was loaded on line: 1 of https://www.stumbleupon.com/badge/embed/2/?url=https%3A%2F%2Fmarshallsirishpub.com%2F.
      A file with an insecure url of "http://cdn.stumble-upon.com/css/badges_su.css?v=20120613" was loaded on line: 1 of https://www.stumbleupon.com/badge/embed/2/?url=https%3A%2F%2Fmarshallsirishpub.com%2F.

      Errors that are reported on line 1 are generally not part of the source code. This error may be caused by an external javascript file which is writing to the page, however we are unable to reliably detect these scripts in our automated test.
      Please contact us using the "Need Help?" link below if you need assistance with resolving this error.
      I contacted support at Really Simple SSL which is the plugin we use to convert the site to HTTPS via SSL.  They said I should contact you guys.  Here is what their support had to say via email:
      the sharing bar seems to load the Stumbleupon script over http:// despite being trying to redirect it to https://. The cdn.stumbleupon doesn't seem to have an SSL certificate and therefore refuses to load over https://. I'd suggest to contact the developer of the sharing plugin, the Stumbleupon button can de designed in another way, without it trying to load a script over http://.
      So it seems I need to modify some file in pagelines to make the stumble upon portion of the share bar to read https and not http.  If that's not possible then I need to remove stumble upon from the share bar.
      Thanks.
    • yemoonyah
      By yemoonyah+
      Hi, even though I just got a SSL certificate, I can't get the green padlock to appear due to the following error:
      :A file with an insecure url of "http://yemoonyah.com/wp-content/plugins/pl-section-boxes/check.svg" was loaded via the javascript file: https://yemoonyah.com/wp-includes/js/jquery/jquery.js?ver=1.12.4 on line 3. The insecure URL may not be directly contained in the script file and may exist elsewhere."
      I figured if I delete and re-install the plugin it might fix the problem but will my boxes on the website still be there? Or do I have to redesign everything all over again if I delete the plugin and then re-install it?
    • dougalperman
      By dougalperman+
      Hi there,
      I've getting a recurring error:
      "Platform 5 Connection IssuecURL error 60: SSL certificate problem: certificate has expired"
      I can't get the Extension Engine to load. It just times out. Same happens on two different sites that I run (www.innerear.co.uk and www.tradtv.scot, which I'm currently rebuilding).
      I've tried disabling all plugins (apart from Platform 5) andI contacted my hosts and they aren't blocking any IP addresses. I've deactivated and reactivated the Platform 5 plugin and disconnected and reconnected my account.
      Is there an issue with the Pagelines SSL certificate or something else causing the connection issue and stopping the extension engine from loading (it just spins with the LOADING cog and nothing happens, regardless of how long I leave it).
      Any help much appreciated.
    • SaschaM
      By SaschaM+
      hi
      i wanted to point out at this time, that i am very very very happy with platform 5. (before i used DMS and others) as some ppl talking here some things are not working, i can say the opposite working on my Web:
      1. UberMenu
      is running fine, without shortcodes or "tricks" necessary - it runs out of the box with no problems in a few clicks configured. also further ubermenu plugins 100%
      2. Shift Nav
      As a further extension of UberMenu - also runs fine out of the box with a few clicks. also combine with ubermenu no problem (Ubermenu for normal nav, shift nav for mobile)
      3. https / SSL

      I user commodo instant ssl and everything runs fine (10 minutes installation) - no mixed content errors nothing everything very smooth :-). Google SERPS have been updated to https URLS wihtin 1 day(!)
      4. MaxCDN
      I use MaxCDN for sitespeed as i implemented also video backgrounds. it runs perfect with wp supercache
      5. Nginx
      I also run nginx on my webspace, also with that there a no problems with platform 5. I also use nginx streaming for video files, works perfect.
      For all points there a no functions codes necessary or implement shortcodes - it runs out of the box and makes it easy for everybody, whos a little firm in technical matters. Some guys here in the forum make it really complicated :-)
      I am working with pagelines around 5 years now, and platform 5 / framework 5 is the best tool ever
      BUT i am missing to configure site headlines h1-hx as in DMS possible easy way. It was a great way to make seo sitestructure. now there are lots of empty headlines or headlines or jumped over. in seo this causes errors in sites structure. this should be reworked.
      if you have any questions on pl5 with 1.-5. just ask me here....
      regs, 
      Sascha Mühlen
       
       
       
    • social_biz
      By social_biz
      I am trying to get iBlogpro6 running under https. All is fine but I am getting a mixed content warning:
      Mixed Content: The page at 'https://s11r.co/' was loaded over HTTPS, but requested an insecure stylesheet 'http://s11r.co/content/uploads/pagelines/compiled-css-core-1464872768.css'. This request has been blocked; the content must be served over HTTPS. The compiled css file are delivered in http not https. I tried toi delete them several times but the error is still there.
      Do I need to fix something in the theme folder? What? Where?
×