We recently went from http://www.example.com to https://www.example.com to allow for a more secure online environment. This was done partly to allow for on-site donations.
We utilize a social sharing tool called ShareThis (www.sharethis.com). Our home page has received several thousand likes and "ShareThis" clicks over the past year. Unfortunately all of these are now gone when changed to https.
Is there a solution to this issue?
I see two options:
1) Change from https:// back to http://
2) Ask the company to update your website in their database and/or update their software to recognize that http://www.example.com and https://www.example.com are the same website.
So, those are two options if you're willing/able to switch back to http://, otherwise, omit option 1.
You can customize the URL that you pass to the widget. Pass it the http URL so that is what will get shared and that's the counts you will get..
I wrote the ShareThis widget so let me know if this works for you..
Related
I have an wordpress website https://tricourilemele.ro . When doing an audit, my Security Score is showing an high issue: HTTPS URL links to an HTTP URL..
Looking at page source (in fact on all pages) i find these http://gmpg.org/xfn/11 and anther link - which in is in fact a page i made http://tricourilemele.ro/tricouri-personalizate/
Well... i found that http://gmpg.org/xfn/11 in my header is given by my theme - Storefront, even so it had many updates, they never changed that to https.
I tried with a plugin search / replace but i couldn't do any improves .more. i was afraid to try something else. I do not know many related to databases or so..
My problem is ...How could i change those 2 links from http to https?
Please, be
Thank you,
Marius
You'll need to find whatever file gmpg is in, and update the url to https. And then change the url accordingly for the site you created.
Could you help me find out what to do with not fully secure message.
I have installed ssl certificate from let's encrypt, but my wordpress homepage has a message "Attackers might be able to see the images you're looking at on this site and trick you by modifying them".
The home page is still in development, with demo content. About what images chrome notification is telling? Something to do with cookies?
Thank you for your answers!
Edit: Does it have to do with the theme itself? Whole wordpress dashboard and login is served over proper secure ssl.
Sending images via http protocol is what triggers this issue. Using any content from a cdn that does not use https will also trigger this issue. This quote explains it pretty simply (the yellow padlock / warning of unencrypted content/images):
If a yellow padlock appears with a mini yield sign, the likely cause
is links in your site still refer to an unsecured page. Make sure that
all your images, menu items and links use https in the URL.
source
I would use a tool to help identify all non-encrypted file transports. One such tool would be something like Why No Padlock.
Did you enable https after installing WordPress? If so, you must change the WordPress address and Site Address under "General Settings" in WordPress. Make sure both addresses use https.
If your WordPress site address is set to use http, your server will force https but WordPress will serve certain images, like the favicon, over http. This triggers a "mixed content" warning.
I too had run into this issue. It appears there are many http: that need to be replaced with https:
You typically do this using a plugin called Better Search and Replace. Make sure you are adding colon (:) at the end of both http and https.
I found a working answer here
To check for issues on the chrome/opera inspection console (ctrl+shift+C) is also a great idea: I had setup all correctly and the issue was the footer image, not something you would check very often looking for this fix. I had applied SSL to many websites, sometimes the issue is just one simple link and this method helps find it.
I had the same problem where the home or index page was saying the page was not fully secure "Attackers might be able to see images blah blah blah"
After enabling https in general settings under site address and wordpress address I was still getting the insecure image warning on the index or home page.
The next step was to find out what images were not using the https ref on the index or home page.
In my case I viewed the page source of the page, by right mouse clicking the page in the chrome browser & looking for images url ref which were still showing http. I was using a sliding header and those images were showing http. So all I did was go into slider header in the appearance menu of the wordpress, and re-assign each of the header slider image for each frame. RE-checked the home page now the image urls were showing https. Bingo the secure lock symbol returned.
Obviously these image urls don't get updated via the general settings... which seems an oversight by whoever wrote the part of the word-press script.
I've got this weird problem on one of my Wordpress sites and I hope you all could help out.
I have a this Wordpress site set-up and working correct. It has a SSL certificate so the URL is https://www.example.com.
Now if I add a link to one of my pages like this http://www.example_2.com it automatically changes the link to the https:// protocol. Which I find really strange because the link is literally <a href="http://www.example_2.com">.
Does anyone know why the link becomes https:// instead of the normal http:// protocol? Because my link is now giving an error when I click on the link and get send to the linked site.
I have googled this issue but it only give me results for how to configure your site for SSL (https://) and not for the issue I'm having...
Thanks in advance.
Your site probably is configured to immediately 302-redirect http requests to https.
What happens if you hit that site directly from your browser at http://www.example_2.com/ ? does it also bounce to https?
There is some chance your example_2.com site has enabled strict transport security. Read this. https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet
A lot of people are using links of the form
href="//www.example_2.com"
instead of
href="http://www.example_2.com"
these days to avoid this sort of confusion, and avoid mixed-content complaints. You might want to consider that. It's especially useful when you pull stuff from content delivery networks.
I've successfully added SSL on my WordPress website and it's every URL is working well with https URL but there seems all images is missing. In dashboard, all images URL is converted to https URL but in front-end they are not showing any URL it just seems like
Please anyone could help me to solve this issue?
This is likely because the URLs to the images are now http, and may be being blocked by browser security settings. There's a handy plugin I often use to help sort out issues like this called Really Simple SSL:
https://wordpress.org/plugins/really-simple-ssl/
This plugin manages the URLs to include the correct protocol, etc. You may need to change any hard-coded URLs in your theme that do not use https however.
I have been optimising my site for load time and have managed to get my site down to <700kb with only 34 requests.
However, it's still not exactly snappy. On http://tools.pingdom.com/ it is apparently "slower than 75% of tested sites". Which is strange for a sub-1mb site with not many requests. The site is www.succeedenglish.com. It has just launched and is seeing about 30 visitors per day so it can't be traffic volume.
The problem I guess is the server. When I run a test on Pingdom, the URL makes up 5.5 seconds of a 6.25 second load time. A similar result is seen on http://www.webpagetest.org/
What does that URL mean? and how can I solve it?
The site is on WordPress with a Bluehost shared plan. I know shared isn't the best but it should be able to handle such a small site with so few visitors.
I'd really really appreciate any help. Thanks in advance.
After having a look at the speed test on pingdom, I noticed something that is unnecessarily adding 2.2 seconds to the load time. The URL request is being doubled.
Heres why, when you try to access www.succeedenglish.com you will notice that your wordpress website is redirecting to succeedenglish.com (without the www).
I did a test without the www and its faster:
http://tools.pingdom.com/fpt/#!/dM0eyP/succeedenglish.com
This is because the website URL in the settings found in the WP backend is set without the "www".
Heres my suggestion, login to the backend of wordpress and update the URL to include the "www".
You will find the fields to update under "General Settings". You will have to update 2 fields: "WordPress Address (URL)" and "Site Address (URL)"
That will sort out the unnecessary redirect onload.
However, if you also have images (image URLs) within posts and custom fields (used by some plugins), you would need to update all the URLs throughout the database.
To do this you can use a simple plugin called Velvet Blues Update URLs.
https://wordpress.org/plugins/velvet-blues-update-urls/
You can install it via the WordPress backend and then access the plugin here: Tools -> Update URLs.
What you want to do is replace all "http://succeedenglish.com/" urls with "http://www.succeedenglish.com/". Please remember to include the "http://", otherwise you will end up with incorrect URLs, just be cautious
Just be sure to check out the plugins instructions.
This will improve the load time.
Let me know if you come right.