Not sure if this response answered the previous question, but basically seeing that site was not full https: enabled, I went to the first place I would expect https to exist which was the login page: index.php?main_page=login. I was presented with a mixed content message and asked if I wanted to allow all content. Answer was no. I then viewed the page source and searched for src="http: and came across that link. I also tried variations such as src = "http:, and even with a single quote as that is used in a few places on the page.
Anyways, chrome has gone to an expectation of the entire site being https: not just the pages/communications where such data should be encrypted.
ZC Installation/Maintenance Support <- Site
Contribution for contributions welcome...
kevin,
you need a new host. your server is still vulnerable to a poodle attack. that is an issue that needs to be addressed. see:
https://www.ssllabs.com/ssltest/anal...vtreasures.com
good luck.
yeah, SSL3 should have been killed on that server years ago
Mike
GeekHost - Zen Cart Certified & PCI Compliant Hosting
The Zen Cart Forum...Better than a monitor covered with post-it notes!
Did a WHYNOPADLOCK
This was exactly the tool I needed to solve my problem. The scan showed that there was an image on the main page where the url was http not https and that made the page not secure. Once I put the "s" in the url, the page showed the padlock.
THANK YOU!!! Saved me hours of beating my head against the wall.
Carol
Bookmarks