You are not logged in.
Pages: 1
hello awesome people
i dont know if this should be posted here , but i was trying to force my website to go https
i was able to do it after some googling and edited the htaccess file.
the redirection from http to https is working but i now get the mixed content error
i went to whynopadlock.com to test the basic security issues and like i was suspecting it is a link in the code
Hard Failure A file with an insecure url of "http://fonts.googleapis.com/css?family=Open+Sans" was loaded on line: 31 of https://www.abc.com/.
This URL will need to be updated to use a secure URL for your padlock to return.
Hard Failure A file with an insecure url of "http://fonts.googleapis.com/css?family=Merriweather:400,300italic" was loaded on line: 31 of https://www.abc.com/.
This URL will need to be updated to use a secure URL for your padlock to return.
Hard Failure A file with an insecure url of "http://fonts.googleapis.com/css?family=Open+Sans" was loaded on line: 31 of https://www.abc.com/.
This URL will need to be updated to use a secure URL for your padlock to return.
Hard Failure A file with an insecure url of "http://fonts.googleapis.com/css?family=Merriweather:400,300italic" was loaded on line: 31 of https://www.abc.com/.
This URL will need to be updated to use a secure URL for your padlock to return.
if i click on abc.com source (view page source in chrome )and go to line 31 i dont find anything related to fonts.googleapis.com ..instead i get this on line 31 :
<script type="text/javascript" src="scripts/jquery-2.1.0.min.js"></script>
where to find these insuce files so i can adjust them ?!
Check your CSS files, and change http to https of google fonts urls.
Check your CSS files, and change http to https of google fonts urls.
hello my friend ...i followed your advice and i dont have the errors in whynopadlock.com .. but i am still having the chrome error :" the page is trying to load scripts from unauthenticated sources " ( there is a small black and white shield with a small red X in the right corner of the address bar )
how can i find these scripts ?!
Have you even heard of "developer tools" or "DevTools" (press F12 on Windows)?
View the source of your page (cmd+U in Firefox) and look for any assets (images, stylesheets, scripts) that you reference with http:// instead of https://
Also make sure that you are not loading an old version of the page on your computer (clear your cache).
Have you even heard of "developer tools" or "DevTools" (press F12 on Windows)?
I did.. But i was looking for a tool that can perhaps check the entire website source.
I guess i have to do it page by page?
View the source of your page (cmd+U in Firefox) and look for any assets (images, stylesheets, scripts) that you reference with http:// instead of https://
Also make sure that you are not loading an old version of the page on your computer (clear your cache).
This is what i did for the fonts.. I will look for the source after flushing my cache
Tell us the website's address, we can help more
Last edited by Hybrid (June 26 2018)
rolf wrote:Have you even heard of "developer tools" or "DevTools" (press F12 on Windows)?
I did.. But i was looking for a tool that can perhaps check the entire website source.
I guess i have to do it page by page?
Ah I see you are looking for some kind of crawler.
I don't know.
Generally any problem with a non-secure link will produce a helpful message in the DevTools Console.
I am thinking if you developed the site then maybe you would have an idea where to look for links.
You could look in the source files for "http" it might be helpful. If you have access to a Linux-compatible shell (Cygwin, Laragon, etc. on Windows or Terminal on OSX) you can use the command 'grep' to search through source files.
If you're using Wordpress then links might be buried deep in the database so this approach can fail.
A crawler would be nice, yes, however I don't know any.
Maybe there is such a browser plugin?
Last edited by rolf (June 26 2018)
duke-of-bytes wrote:rolf wrote:Have you even heard of "developer tools" or "DevTools" (press F12 on Windows)?
I did.. But i was looking for a tool that can perhaps check the entire website source.
I guess i have to do it page by page?Ah I see you are looking for some kind of crawler.
I don't know.Generally any problem with a non-secure link will produce a helpful message in the DevTools Console.
I am thinking if you developed the site then maybe you would have an idea where to look for links.
You could look in the source files for "http" it might be helpful. If you have access to a Linux-compatible shell (Cygwin, Laragon, etc. on Windows or Terminal on OSX) you can use the command 'grep' to search through source files.
If you're using Wordpress then links might be buried deep in the database so this approach can fail.
A crawler would be nice, yes, however I don't know any.
Maybe there is such a browser plugin?
hello Rolf ..i didnt not develop the site .. and the company who developed turned out to be very amateurish
i am trying to harden everything i can on my vps including the website ..so i forced the https after installing certificates and i am fixing every issue as i progress
after clearing my cache i am not getting the unauthenticated script anymore .. but i didnt not check the entire website to be sure yet
Pages: 1