Only product pages not secure (on Firefox)

**beadedlily** · 22 Jul 2017, 07:37 AM

Site url: https:// www.tubularwiremeshribbon.com
Version: v1.5.5e
PHP Version 5.6.31

I use a LetsEncrypt SSL certificate. All fine on Google Chrome, however on Firefox ALL my product pages are considered not secure. Example here.

I've viewed the page source but cannot see any indication of a non-secure link. My host says:

your domain name has valid SSL Certificate installed on, but still some of the site's URLs are being accessed via HTTP. This is so because the URL is hard coded into your site's database and cannot be auto-corrected. This has to be done manually by a MySQL expert developer.

Can this be true? My config files all seem to be in order so I why would MySQL be generating non-secure content?

Any thoughts would be much appreciated.

**beadedlily** · 22 Jul 2017, 09:19 AM

Viewing the product pages from yet another computer, the pages are considered secure on Firefox. Maybe it is Firefox version specific? Is there a global fix for all versions?

**lankeeyankee** · 22 Jul 2017, 10:00 PM

the add-this widget is not through https, try changing that in your tpl_product_info file to see if that fixes the issue.

**beadedlily** · 23 Jul 2017, 08:19 AM

Originally Posted by lankeeyankee

the add-this widget is not through https, try changing that in your tpl_product_info file to see if that fixes the issue.

That did it - Great job spotting that!

Thanks :)

**DrByte** · 23 Jul 2017, 05:54 PM

For future reference: This page contains both secure and nonsecure items (or "Unauthenticated content" or "connection partially encrypted").

**lankeeyankee** · 23 Jul 2017, 10:09 PM

For future reference, too, to quickly find the nonsecure content: view source, ctrl+f, enter http: in find box and it will show you all links that are the nonsecure type. Then use developer's toolkit to search for the file it's in.

**DrByte** · 23 Jul 2017, 10:22 PM

Originally Posted by lankeeyankee

For future reference, too, to quickly find the nonsecure content: view source, ctrl+f, enter http: in find box and it will show you all links that are the nonsecure type. Then use developer's toolkit to search for the file it's in.

Actually, it's better to search for src=http: instead, since a mere href=http: doesn't trigger nonsecure issues. This is mentioned in the FAQ article I linked above.