I'm seeking help with an issue, basically my entire ecommerce website runs on HTTPS with wordpress but I have recently become affiliated with ebay.
However when I try to display their products on my site using a HTTPS page none of the images show and I get this error:
Failed to load resource: net::ERR_INSECURE_RESPONS https://thumbs2.ebaystatic.com/m/mPA8yaCHEhocIoW2TdC-0hQ/140.jpg
I'm trying to change (https example.com/shop/ebay-shop/) to (http example.com/shop/ebay-shop/)
so that the images are displayed correctly. Unless anyone knows how I can make the images load without having to redirect to http?
Thanks.
Try adding this to the top of the htaccess file in your document root:
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule ^shop/ebay-shop/ http://example.com%{REQUEST_URI}
Note, you'll need to be careful with any wordpress plugins or settings that will attempt to re-redirect such a request back to https. If that happens, you'll end up with a redirect loop.
Related
I have an hosting with ipage and I have 5 domains on this hosting. My master domain is called eroups.com, and I already bought ssl for it but when I ask my hosting support to redirect it from http to https all my domains are redirecting to https and I don't have ssl for them yet.
And I make for this other each domain folder as redirect into this folder please if some one know how to fix that I just need to redirect eroups.com to https only and other same like http.
My domains are:
eroups.com (this is the master and have ssl)
imolawigs.com
imolagallery.com
kittyshoping.com
kittywedding.com
Please someone write the code for me I can't understand how to make that by myself and support didn't understand anything also.
so basically there are 4 main steps:
update the url in your database http://yourdomain.net -> https://yourdomain.net
set a http to https redirect in your .htaccess file
check for any hardcoded http://yourdomain.net occurrences in the source files of your theme
check for external resources which are loaded via http://.... (fonts, images, ...) and correct them to https://
Do you have some programming skills? Then I could sent you the tools and code snippets which you can use to accomplish the transition from http to https.
Unfortunately this process can not be automated by a plugin.
Cheers, Dominik
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
If you don't want to code/touch your servers, you can achieve this without writing any code only by using a CDN for example if using Cloudflare: How do I redirect all visitors to HTTPS/SSL?.
I'm getting the following error when submitting a Ninja form that was integrated to the wordpress site.
Mixed Content: The page at 'https://my.domain/event/test-page/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://my.domain/wp-admin/admin-ajax.php'. This request has been blocked; the content must be served over HTTPS.
That is the only error that I'm getting.
The site runs in HTTPS.
A quick help is utmost appreciated.
Install the plugin Really Simple SSL. Once installed and activated, click on "Go Ahead!" Blue button to activate it.
Are you seeing the mixed content error in WordPress? Mixed content error in WordPress is caused by incorrect HTTPs/SSL settings. Often times it doesn’t affect your website’s functionality, but it can have adverse affects on your website’s SEO and user experience. In this article, we will show you how to fix the mixed content error in WordPress.
For more details:
http://www.wpbeginner.com/plugins/how-to-fix-the-mixed-content-error-in-wordpress-step-by-step/
You could try forcing all http requests to redirect to https. This is a blunt-force tool to solve issues like this, but not elegant.
Place this in your .htaccess file above the #BEGIN WordPress line
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Richard, Arta, and Gufran's answers are satisfactory. I simply offer an alternative. If you have a cpanel, go to domains and toggle the 'Force https Redirect' next to your domain
I need to change the url on a website from /blog/contact to just /contact
But I still need application to serve the content as if the user is still accessing the original URL.
Is it possible within .htaccess to change the URL without changing any of the architecture or logic of the backend? Kind of like a permanent 301 alias?
Thanks
I found the solution to this with the following rule.
RewriteRule ^blog/contact/$ /contact [L]
Hate to complain but I've spent like 2-3 hours working on trying to secure my WordPress site via SSL. I can successfully browse to my site via HTTPS, but I always get mixed content. I've tried several plugins, but there are still resources that are pulling images via HTTP. If I tried to browse to the URLs of those images manually, my web browser actually switches the URL to HTTPS, so I'm not sure why the site loads the images under HTTP but browsing to the images manually forces it over HTTPS. Very Confusing.
I've tried adding this in the .htaccess file of my root directory, so that all requests to the subdirectory /wp-content/ are forced over HTTPS, but it still does not work:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(wp-content/.*)$ https://www.example.com/$1 [R=301,L]
When I add this into the .htaccess file, reload the site, inspect element, I still see numerous links in here with http.
I've also tried HTTPS Easy Redirection, which forces HTTPS on everything but then results in a redirect loop. Still no luck.
Any suggestions would be greatly appreciated. It seems to just be the images.
What you have setup so far works, but does not address the root issue. As a matter of fact the .htaccess redirect is overkill.
Your Wordpress configuration needs to be edited. Go to your settings>general, ensure that the Wordpress Address Url and Site Address Url are https. It's that simple. You also need to edit any hard coded content urls to https.
You could use some wacky plugin to mutate your links but I would not advise it. But it won't work all the time. That will depend on how your content is constructed.
If you want to play it safe, whenever your add a resource link to content simply omit the protocol like this: ://example.com/.... That scenario works well with content generated by Visual Composer and the likes.
If the SSL is successfully installed in your server then use this plgin: https://wordpress.org/plugins/really-simple-ssl/
This will works for you...
Note: Take backup of your website and database first then proceed with the above plugin.
Thanks
This problem started yesterday.
When the public visitor view my website, the Wordpress navigation bar will appear on top of the page as if they are a login user. They can even see the greeting message on top right corner, "Howdy, John(My name)"
The good news is, these public visitors will not be able to access the wordpress configuration page. They can only thee the top navigation bar when they view the page.
My question is, what is going on?
Could it be a plugin?
Could it be CDN (Cloudflare) problem?
Could it be the hosting site problem?
or could it be a hacker's deed?
Please help, I have no idea where to begin with.
You're probably serving fully cached pages (which includes the logged-in user content) for all visitors. This means that a new visitor will get served the exact same HTML and other assets that have been served earlier for a logged-in user.
I would start by checking the Cloudflare settings and see whether there are any options for disabling the cache for certain types of visitors (e.g. validated by cookies).
Problem solved.
Apparently, the culprit is the wrong configuration in Apache Server.
One of our engineer added the snippet below into the .htaccess as a recommendation from LiteSpeed module for Wordpress. This little devil makes Apache server to do full-page caching.
<IfModule LiteSpeed>
CacheEnable public /
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(HEAD|GET)$
RewriteCond %{REQUEST_URI} !^/(wp-admin|wp-login.php|wp-cron.php)
RewriteRule .* - [E=Cache-Control:max-age=120]
</IfModule>
Thank you #ojrask for pointing out the possibility of full-page caching in Apache Server.