Am working on a fresh install/test cart of v155e on a VPS with all my products and customers transferred over from live store. PHP is 7.0 and have Image Handler 4, Lite Box, Edit Order, and Easy Populate installed. Ubuntu 16. Slowly getting it working and customized the way I want.
Using Webmin/Virtualmin and Lets Encrypt and have forced my VPS site to default to https. Modifying .htaccess to force https always gave a server error so I found that could add the line "Redirect / https://MYSITE.com/" in etc/apache2/sites-available/MYSITE.conf file and that worked great. So far I get the green padlock in Chrome on almost all my pages, however just noticed when I click on New Products, All Products, or Gift Certificate FAQ links on my main page I get no padlock and a mixed content warning (could be on other pages too but these are the only three have found so far and I have looked).
In Chrome browser Inspect/Console I see warning:
Mixed Content: The page at 'https://MY_WEBSITE/index.php?main_page=products_new' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'http://MY_WEBSITE/index.php?main_page=products_new'. This endpoint should be made available over a secure connection.
index.php?main_page=products_new:346
<div id="sorter">
<label for="disp-order-sorter">Sort by: </label>
<form name="sorter_form" action="http://MY_WEBSITE/index.php?main_page=products_new" method="get"><input type="hidden" name="main_page" value="products_new" /> <select name="disp_order" onchange="this.form.submit();" id="disp-order-sorter">
<option value="1" >Product Name</option>
<option value="2" >Product Name - desc</option>
<option value="3" >Price - low to high</option>
<option value="4" >Price - high to low</option>
I tried to track this down using Zen Cart Developer's Tool Kit but it's not as simple as the other things have recently worked out.
Suggestions and advice appreciated.
Thanks, Ted
Bookmarks