I've successfully added SSL on my WordPress website and it's every URL is working well with https URL but there seems all images is missing. In dashboard, all images URL is converted to https URL but in front-end they are not showing any URL it just seems like
Please anyone could help me to solve this issue?
This is likely because the URLs to the images are now http, and may be being blocked by browser security settings. There's a handy plugin I often use to help sort out issues like this called Really Simple SSL:
https://wordpress.org/plugins/really-simple-ssl/
This plugin manages the URLs to include the correct protocol, etc. You may need to change any hard-coded URLs in your theme that do not use https however.
Related
I have an wordpress website https://tricourilemele.ro . When doing an audit, my Security Score is showing an high issue: HTTPS URL links to an HTTP URL..
Looking at page source (in fact on all pages) i find these http://gmpg.org/xfn/11 and anther link - which in is in fact a page i made http://tricourilemele.ro/tricouri-personalizate/
Well... i found that http://gmpg.org/xfn/11 in my header is given by my theme - Storefront, even so it had many updates, they never changed that to https.
I tried with a plugin search / replace but i couldn't do any improves .more. i was afraid to try something else. I do not know many related to databases or so..
My problem is ...How could i change those 2 links from http to https?
Please, be
Thank you,
Marius
You'll need to find whatever file gmpg is in, and update the url to https. And then change the url accordingly for the site you created.
Could you help me find out what to do with not fully secure message.
I have installed ssl certificate from let's encrypt, but my wordpress homepage has a message "Attackers might be able to see the images you're looking at on this site and trick you by modifying them".
The home page is still in development, with demo content. About what images chrome notification is telling? Something to do with cookies?
Thank you for your answers!
Edit: Does it have to do with the theme itself? Whole wordpress dashboard and login is served over proper secure ssl.
Sending images via http protocol is what triggers this issue. Using any content from a cdn that does not use https will also trigger this issue. This quote explains it pretty simply (the yellow padlock / warning of unencrypted content/images):
If a yellow padlock appears with a mini yield sign, the likely cause
is links in your site still refer to an unsecured page. Make sure that
all your images, menu items and links use https in the URL.
source
I would use a tool to help identify all non-encrypted file transports. One such tool would be something like Why No Padlock.
Did you enable https after installing WordPress? If so, you must change the WordPress address and Site Address under "General Settings" in WordPress. Make sure both addresses use https.
If your WordPress site address is set to use http, your server will force https but WordPress will serve certain images, like the favicon, over http. This triggers a "mixed content" warning.
I too had run into this issue. It appears there are many http: that need to be replaced with https:
You typically do this using a plugin called Better Search and Replace. Make sure you are adding colon (:) at the end of both http and https.
I found a working answer here
To check for issues on the chrome/opera inspection console (ctrl+shift+C) is also a great idea: I had setup all correctly and the issue was the footer image, not something you would check very often looking for this fix. I had applied SSL to many websites, sometimes the issue is just one simple link and this method helps find it.
I had the same problem where the home or index page was saying the page was not fully secure "Attackers might be able to see images blah blah blah"
After enabling https in general settings under site address and wordpress address I was still getting the insecure image warning on the index or home page.
The next step was to find out what images were not using the https ref on the index or home page.
In my case I viewed the page source of the page, by right mouse clicking the page in the chrome browser & looking for images url ref which were still showing http. I was using a sliding header and those images were showing http. So all I did was go into slider header in the appearance menu of the wordpress, and re-assign each of the header slider image for each frame. RE-checked the home page now the image urls were showing https. Bingo the secure lock symbol returned.
Obviously these image urls don't get updated via the general settings... which seems an oversight by whoever wrote the part of the word-press script.
Hi i have a question about importing a wordpress.com site to a new self hosting wordpress site.
After completing the website i still have the old https links in search results showing broken css pages: example here. https://the3growbags.com/author/rhamscallion/
The new website does not use an SSL certificate and adding one does not solve the problem, anyhow we don't need SSL. This is the non-SSL website example: http://the3growbags.com/
Question is why are the old https links showing these broken CSS pages instead of unsecured connection pages, and how do I remove them from search results? help much appreciated.
All your resources are linked using http:// URLs, which result in mixed content which is normally blocked by browsers.
Make sure your resources are loaded using https and your site will work.
For this you could use the protocol agnostic URL style: "//domain.com/path"
I spent my whole day configuring my wordpress website to use cloudflare flexible ssl.
I use WP HTTPS plugin and cloudflare page rule to redirect http to https.
It's working very well on firefox and IE but in chrome it's saying:
The page at 'https://mrbladedesigns.com/' was loaded over HTTPS, but is submitting data to an insecure location at 'http://mrbladedesigns.com/': this content should also be submitted over HTTPS.
One more thing I want to tell you guys that now also my wordpress address and Site address is HTTP in wordpress admin settings
I removed all of the insecure content but have no idea on how to resolve this.
Any help will be appreciated!
Just disable W3 Total Cache, https cloudflare will working fine.
I actually tried this as well but with more success. From your description it sounds like you have an issue with insecure content being loaded. This happens when you load the page via https but content is loaded via http.
The ssl insecure content fixer plugin will help you with most of your problems, but other problems will have to be fixed manually by changing http references in your html code to https.
never mind I fixed it, SSL insecure didn't worked for me, the root cause of this problem was the search bar on my homepage. Here's the fix: under WP HTTPS settings at the end there's an option Secure filters. Just write /?s there and save it! Done!
I would like to get a SSL certificate for my WordPress site. Is it safe to switch from http to https? My host says it's an automatic install, but shouldn't I change all the URLs?
In my theme I have hard coded URLs, but also WordPress permalink PHP codes for example. The hard coded URLs can be changed, but how about the URLs in the Wordpress code itself and all the plugins? If I change that and there's an update it will all be lost I suppose.
I would like to have https all over the website. Will the site and all the plugins still work after I switch from http to https?
It is safe, but yes, you will have to change the hardcoded urls or establish redirections, the first option is better. There are plugins that help you with this, remember all internal linking in your posts has to change, too.
You can read here. This question is related.