Support Forum
Support Forum
Offline
Sorry if this was answered elsewhere already, then please point me in the right direction. Searching for "https" doesnt generate easy results in this case for obvious reasons.
My question is one of education and understanding.
I recently changed my website from http to https and went through all steps necessary, including changing the references in wp_posts in my database via the "Better Search Replace" Plugin of WP.
All that I changed explicitly for SP, was the "Permalink" in the "Integration" section part of the SP admin section from the http version to the https version of the blog. I did not change anything in the database in the SP Posts themselves.
Everything works, my blog is now "full green" meaning the https security is not broken anywhere in the posts, as all internal links in the posts have been changed to https. Fine.
The only place that is generating a "yellow" in Firefox, is the SP forum. That is not a big problem, but I would like to understand what the cause is.
I fully understand, that when I open a thread or a post with pictures in, that come from http sides, this will break the "green" status. Thats fine. Thats not the question.
The Problem:
But even when I call the SP on top level, where all the forums are listed and where definitly *no* picture or link is involved, I get a "yellow" status in terms that https is broken.
Then I used the well known and reliable online tool from jitbit to track down the cause: /www.jitbit.com/sslcheck/
The funny result for the main forum page: No Issues. 😉 But still the https is broken on any forum page, completely independent from the content shown.
The Question:
Is there anything in addition, that needs to be done to convert an existing SP installation to https?
Again, i understand myself, that external links and pictures in the content (the posts) would need to be converted, but that is not my issue.
My issue is the forum framework itself. Is there anything I should be aware of in terms of https?
Do you have any idea, what the cause of this break of https security - even with an empty forum - could be?
SP must be loading something from a http domain. But why is this the case, when I installed on a https domain and changed the Permalink?
Thanks in advance
Offline
No, not really... the images in posts are one thing we are aware of that needs attention... we have an open ticket to try not to save the scheme in the database and add it at render time (its harder than it sounds)...
the forum gets the schema from wp... so as long as wp tells everyone (ie plugins) that is https, everything should be good... of course, there is the aforementioned images and then any other links that users may put in a post content...
you can make sure wp is set up by looking at the wp settings page and verifying https is used in the blog and site urls.. assume the wp site is set up per here: https://make.wordpress.org/sup.....wordpress/
no caching plugins, right?
if still an issue, need to track down which urls on a forum page are not properly https... the browser console will normally tell you... you should be able to quickly look at forum, topic and other links in the forum too for a first level glance...
Visit Cruise Talk Central and Mr Papa's World
Offline
Tested the toplevel forum page (with the overview of all forums) with the Firefox Browser-Console
It referred to the following as mixed content
http://................... /wp-content/sp-resources/forum-themes/reboot/styles/images/dd_arrow.gif
Tried normal posts and had the smiley for example as indication for mixed content:
http://................... /wp-content/sp-resources/forum-smileys/sf-confused.gif
So it lools like as if somewhere in that area the change to https has not worked. The links still seem to be from http.
And yes, no caching involved at all.
Again, I followed all the guides for the https conversion in wordpress and in wordpress everything works perfectly. Only the SP Forum shows a lack of https.
PS:
BTW, looking in the Firefox Inspector, the scheme still seems to be called as http. Take a look:
nav itemtype="http://schema.org/SiteNavigationElement" itemscope="itemscope" id="site-navigation" class="main-navigation grid-container grid-parent"
PPS:
Also I can confirm, that other calls to SP in Sp-Resources are coming rightly from https. So the problem is *NOT*, that SP in generell was not adapted to https, the problem seems to exist for some specific resources only. Maybe the GIFs only?
Offline
dd_arrow.gif: This one is somewhat puzzling as we do not call it anywhere directly. This is only used in your SP theme CSS file and it is passed as a relative url - so no request scheme is included. So why your browser would interpret this as http within an https website is peculiar and certainly something I am unable to answer.
sf-confused.gif: @mr-papa already answered this one above in the very first comment regarding images. You also said originally that you performed 'changing the references in wp_posts in my database' but, that does not convert any embedded url's in your forum data which is not held in the WP posts table. Any new images added to forum posts after the full change to https should use the correct scheme.
 |
YELLOW
SWORDFISH
|
All RSS1 Guest(s)