Site showing Mixed Content- NOT SECURE
My website catalog section shows mixed content, so not fully secure. images in the /images folder and /template/CSS are the non-secured ones.
when I look at the page source it is HTTP for
<base href="http://website.com/" />
<link rel="canonical" href="http://website.com/" />
how can I make it HTTPS://?
Right now I have HTTP_SERVER set as
define('HTTP_SERVER', 'https://
Thank you
Re: Site showing Mixed Content- NOT SECURE
What I noticed is that the catalog page gets switched between secure and nonsecure randomly.
<base href="http://website.com/" />
or <base href="https://website.com/" />
Re: Site showing Mixed Content- NOT SECURE
Hi
I followed what is in another thread and added
if($_SERVER['SERVER_PORT'] != '443') { header('Location: https://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']); exit(); }
to /template/common/tpl_header.php
and this solved the problem
Re: Site showing Mixed Content- NOT SECURE
While that may work, it is not the correct way to do what you want. Read the entire page at https://docs.zen-cart.com/user/first..._you_need_ssl/
It will tell you how to correctly adjust the two configure files.
Re: Site showing Mixed Content- NOT SECURE
I made the changes mentioned in the link in configure.php files in /admin and /include
/
define('HTTP_SERVER','https://mysite.com');
Even then the website was showing unsecured in the product listing and product info pages. This switching was throwing up the alert messages in customers' browsers. Once I made the change in the tpl_header the site is fully secured with no messages.
Thank you so much
Quote:
Originally Posted by
dbltoe
Re: Site showing Mixed Content- NOT SECURE
Quote:
Originally Posted by
nishajh
I made the changes mentioned in the link in configure.php files in /admin and /include
/
define('HTTP_SERVER','https://mysite.com');
Even then the website was showing unsecured in the product listing and product info pages. This switching was throwing up the alert messages in customers' browsers. Once I made the change in the tpl_header the site is fully secured with no messages.
Thank you so much
Do you have access to the server files and do you have a SSL certificate?
If so you could add htaccess
Code:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,QSA]
</IfModule>
Also make sure that you have not got any links that show full url ie http://www.domain etc as these should be https://
Re: Site showing Mixed Content- NOT SECURE