SSL Question - Is It Possible To Turn Off SSL On Product Pages ONLY??

[sgallasch]

Hi, Is It Possible To Turn Off SSL On Product Pages ONLY??

I have SSL site-wide and have many 1000s of product pages with cross product page HTTP links in the product page info.

Is there a quick way to turn off the SSL just on the product pages? Would Mr Goo gle hate this idea? Even if the main parts of the site are SSLed

Is there a quick way or module out there that will find and update all my http links to https on my product pages so they don't get blocked and made to disappear from the page by the SSL?

I don't mind the whole SSL thing but it is really making life a nightmare for me and my customers.

[dbltoe]

The first question is whether these links go offsite or onsite.

Code:

<img src="http://YOUR_DOMAIN.com/myimage.png">

should always be represented as

Code:

<img src="/myimage.png">

Otherwise the browser leaves the site for the internet only to return to your site with the image that was already there!
If your links are going offsite, my first question is why? If it's the product's page (where you make your money), why send someone elsewhere. I wonder if the Search Engines would consider that duplicate content.
Also, are these links embedded in the database (included in the description of the product)? If so, you might want to look at http://tinyurl.com/d4x2tto to find and replace the http: references.
I'm sure someone will suggest a way to force the link to leave your site as https:// versus http://

[mc12345678]

It's not very clear where the http: related links are present other than "on the product pages". If they are in your products_description, then a search and replace within the database would make that possible. Internal links though really should be relative instead of hard coded. If the links are coded into the php files, then the tools->developers tool kit would be helpful.

As to disabling ssl on "specific" pages, well, there are issues with that as well, because it sounds like it is not just that the link(s) need be disabled on the page itself but also pages that lead to that page... better to just fix the information on the problem page(s).

The thing about the products_description replacement is that if there is a link that goes off-site and that site doesn't support https: then wouldn't want to force a customer to go to the https: version where it is known not to work... but if it is known (or can be determined as part of the search and replace) that the link is pointing to the same site, then could replace http: with https: though as said before would be better to use a relative link to internal content so that no matter what the base of the website is, the link references site related content and will get the customer there the same way as used on the current page. This is how say the images work on the site and many other links/resources.

A slight correction to dbltoe's recommendation is that the reference should not include the initial slash as the base tag should include the slash at the end of the associated href parameter of the tag.

[sgallasch]

The first question is whether these links go offsite or onsite.

Code:

<img src="http://YOUR_DOMAIN.com/myimage.png">

should always be represented as

Code:

<img src="/myimage.png">

Otherwise the browser leaves the site for the internet only to return to your site with the image that was already there!
If your links are going offsite, my first question is why? If it's the product's page (where you make your money), why send someone elsewhere. I wonder if the Search Engines would consider that duplicate content.
Also, are these links embedded in the database (included in the description of the product)? If so, you might want to look at http://tinyurl.com/d4x2tto to find and replace the http: references.
I'm sure someone will suggest a way to force the link to leave your site as https:// versus http://

Hi dbltoe, to answer your question yes of course the cross http links on the product pages stay on site and suggest other products that might be of interest to the customer. I know if i simply change the link in the product page to https the link shows up and works fine. I have all http to https 301 direct in HTACCESS as well. But unfortunately the SSL does not treat these links the same as i think they are seen as html code in the product page. I have literally thousands of product pages so doing the change manually sort of sucks big time. Thanks for your interest.

[sgallasch]

It's not very clear where the http: related links are present other than "on the product pages". If they are in your products_description, then a search and replace within the database would make that possible. Internal links though really should be relative instead of hard coded. If the links are coded into the php files, then the tools->developers tool kit would be helpful.

As to disabling ssl on "specific" pages, well, there are issues with that as well, because it sounds like it is not just that the link(s) need be disabled on the page itself but also pages that lead to that page... better to just fix the information on the problem page(s).

The thing about the products_description replacement is that if there is a link that goes off-site and that site doesn't support https: then wouldn't want to force a customer to go to the https: version where it is known not to work... but if it is known (or can be determined as part of the search and replace) that the link is pointing to the same site, then could replace http: with https: though as said before would be better to use a relative link to internal content so that no matter what the base of the website is, the link references site related content and will get the customer there the same way as used on the current page. This is how say the images work on the site and many other links/resources.

A slight correction to dbltoe's recommendation is that the reference should not include the initial slash as the base tag should include the slash at the end of the associated href parameter of the tag.

Hi mc12345678, see my above answer. Thanks

[sgallasch]

Thanks for your interest. I have found using a different 301 http redirect https code in the htaccess has fixed this problem. For your interest it was the one suggested by Hostgator. Please consider the problem fixed. :)

[mc12345678]

Hi dbltoe, to answer your question yes of course the cross http links on the product pages stay on site and suggest other products that might be of interest to the customer. I know if i simply change the link in the product page to https the link shows up and works fine. I have all http to https 301 direct in HTACCESS as well. But unfortunately the SSL does not treat these links the same as i think they are seen as html code in the product page. I have literally thousands of product pages so doing the change manually sort of sucks big time. Thanks for your interest.

We, dbltoe and I, were asking about where the links resided as well as to where they pointed so that we could possibly provide a quick solution. I doubt that dbltoe was encouraging modifying each "individually" but instead possibly via a sql statement or some other "quick" method (though I didn't follow the compressed url nor have another tool look it up to validate that the destination was safe or known). Maintaining "old" links *on* your site *to* your site that have to be redirected does not really help your site. These links should be updated so that they are current.

To replace them with https: (similar process could be used for other changes, but might as well start here) you could copy the below into tools->install sql patches (though with ZC 1.3.9 may have to add your database table prefix defined as DB_PREFIX in your includes/configure.php file in front of the first products_description) and execute/submit it.

Code:

UPDATE products_description
SET products_description = REPLACE(products_description, 'http://domain1.com', 'https://domain1.com')
WHERE products_description LIKE ('%http://domain1.com%');

As to the fix that was applied, mind sharing what was provided? It could serve to be very helpful to another having the same issue particularly with the same host.

[sgallasch]

We, dbltoe and I, were asking about where the links resided as well as to where they pointed so that we could possibly provide a quick solution. I doubt that dbltoe was encouraging modifying each "individually" but instead possibly via a sql statement or some other "quick" method (though I didn't follow the compressed url nor have another tool look it up to validate that the destination was safe or known). Maintaining "old" links *on* your site *to* your site that have to be redirected does not really help your site. These links should be updated so that they are current.

To replace them with https: (similar process could be used for other changes, but might as well start here) you could copy the below into tools->install sql patches (though with ZC 1.3.9 may have to add your database table prefix defined as DB_PREFIX in your includes/configure.php file in front of the first products_description) and execute/submit it.

Code:

UPDATE products_description
SET products_description = REPLACE(products_description, 'http://domain1.com', 'https://domain1.com')
WHERE products_description LIKE ('%http://domain1.com%');

As to the fix that was applied, mind sharing what was provided? It could serve to be very helpful to another having the same issue particularly with the same host.

Here is the link to get the hostgator redirect 301 code http://support.hostgator.com/article...ow-do-i-use-it

Thanks for your info.