Website displays differently in https from http. How to fix that - http

Sorry for this stupid question but
Can someone suggest why the following website is displaying differently in http and https? Here are the two links
https://www.sportengland.org/careers/jobs-at-sport-england/
http://www.sportengland.org/careers/jobs-at-sport-england/
the content is not displaying properly in http website is iFrame content.

Basically, the HTTP or HTTPS protocol will not effect the format of the page.
It might be because they have hosted the site in two hosting one with SSL (HTTPS) and another with non SSL (HTTP).
And there could be chance that they updated one application and not done the same changes in another.

Related

How can I make a website partially unsecure?

I have a website that uses HTTPS so it is secure by default.
I am aiming to send some HTTP requests from the website, but the problem is that modern versions of web browsers do not allow the use of HTTP requests inside of HTTPS sites.
So, what I am trying to do here is to make a portion of my website un-secure using HTTP instead of HTTPS, so that I can send the requests I want.
Is that possible?
If there are any other suggestions to send HTTP requests, please help me with it.

Google index https instead of http

I have a wordpress website using free hosting of Open Shift. When I search goole for my website name. I received a result that contain https ssl. But when I click this links google chrome will go to:
Attackers might be trying to steal your information from phamquan.com (for example, passwords, messages, or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID
This server could not prove that it is phamquan.com; its security certificate is from *.rhcloud.com. This may be caused by a misconfiguration or an attacker intercepting your connection.
Because my website doesn't have ssl cerification. How can i disallow google index all links of my website as https. Only allow http links.
The only way to prevent Google from indexing the HTTPS version of the site is to stop listening to HTTPS. The main problem here is that your webserver is currently listening to HTTPS requests, although your website is not configured to deliver a valid certificate.
If you can't access the server configuration, another approach described here and here is to use the canonical link tag to link to the HTTP version of the site as a hint that the correct version is the HTTP and not the HTTPS.

Difference between HTTP vs HTTPS

I have one wordpress website, in that am getting lot of errors day by day. So I like to change my normal HTTP to HTTPS. So please can you explain it is very useful and secure for my website.
If your website does not have https in the web link this means that you do not have installed SSL. Most of the modern web browsers treat any website without SSL installed as insecure. This may be one of the reasons for your website's issues.
I found the following answers to the question of the difference between HTTP and HTTPS.
Difference between HTTP and HTTPS
To know about the reasons for using SSL follow the link given below:
Reasons for using SSL
10,000ft view...
http is an unencrypted protocol for sending and retrieving data from servers in a web browser (among other uses). https is the same protocol but wrapper in SSL, a security tool that encrypts communications between the browser and server. This is what what banks and other websites use to ensure your data (like financial info) is protected when sent to your browser and cannot be read by someone on the same network.
Checkout articles like this and google the topic for more info.
Hope this helps.

FTP in iframe on HTTPS page

Evening all,
I am having some difficulty with displaying my FTP connection content on a page with HTTPS encryption. It works on standard HTTP but not HTTPS. I am running Apache web server. I'm not fussed about the user being able to see the FTP details just want to secure the connection between both ends though.
Would FTPS on HTTPS work?
Regards
ftp:// does work on https websites, although by default its blocked by the "Mixed Content Blocking"
In firefox you can disable this protection by doing what the picture describes:
For IE:
ftp:// does not work because of mixed content (e.g. secure https and non-secure ftp).
ftps:// will not work because most browsers do not support it and maybe your ftp server doesn't even speak ftps.
And, how about just testing it before asking, it is not that hard to replace that ftp:// with ftps:// in your page, isn't it?

ASP.NET HTTPS/SSL Caching and Dynamic Pages

I have an IIS6 ASP.NET 2/3.5 site that ALWAYS seems to be caching anything that goes through a https request. HTTP requests always work the same, but i see old/invalid data on https requests.
I see this a lot with pages where i'm doing http rewriting--but in general, it almost seems like the site has one set of values it shows to http requests and another to https requests-- without having any backend code that renders differently based upon the scheme.
Any ideas? Does IIS have a weird ssl caching option i'm not aware of?
The ports were set up wrong in IIS-- although the domain was correct because i was using port 443 it got forwarded to another site (because of host headers setup).

Resources