Re: SSL is on, but http:// login page does not redirect to https://
Why should they care? A real customer is never going to change the URL and the information is still sent via HTTPS when it is submitted.
The issue is that after running a PCI scan, the site has failed becuase they were able to hack and get to the login page without using the https://
ie, if you type in the login URL directly into the address bar, using http:// it will allow you to get there, instead of forwarding you along to https://
Please do not PM for support issues: a private solution doesn't benefit the community.
Be careful with unsolicited advice via email or PM - Make sure the person you are talking to is a reliable source.