XF 2.0 Site not secure?
- Thread starter interforo
- Start date
Martok
Well-known member
Sorry no. No idea what is causing that and I don't have time to investigate. All I know is it is related to some of the advertising on your site - see the yellow error boxes in point 3 of my first post. You'll have to contact whoever is providing your ads for a fix.That is completely out of my expertise
Can you help more?
TPerry
Well-known member
Pretty sure those are going to be due to the ad network he's using if referring to the adx.4strokemedia.xxx issuesNow you just have to find out what is causing the errors on your site and fix those (point 3 of my first post in this thread).
Code:
var OX_801ff11a = '';
OX_801ff11a += "<"+"script type=\"text/javascript\">\n";
OX_801ff11a += "var googletag = googletag || {};\n";
OX_801ff11a += "googletag.cmd = googletag.cmd || [];\n";
OX_801ff11a += "(function() {\n";
OX_801ff11a += "if(typeof(googletag.loaded)==\"undefined\"){\n";
OX_801ff11a += "googletag.loaded=true;\n";
OX_801ff11a += "var gads = document.createElement(\"script\");\n";
OX_801ff11a += "gads.async = true;\n";
OX_801ff11a += "gads.type = \"text/javascript\";\n";
OX_801ff11a += "var useSSL = \"https:\" == document.location.protocol;\n";
OX_801ff11a += "gads.src = (useSSL ? \"https:\" : \"http:\") + \"//www.googletagservices.com/tag/js/gpt.js\";\n";
OX_801ff11a += "var node =document.getElementsByTagName(\"script\")[0];\n";
OX_801ff11a += "node.parentNode.insertBefore(gads, node);\n";
OX_801ff11a += "}\n";
OX_801ff11a += "})();\n";
OX_801ff11a += "var _4wpgD=_4wpgD||top._4wpgD||{pg:\'\',key:\'\',blob:\'\',srv:\'\',pg_src:\'\'};\n";
OX_801ff11a += "<"+"/script>\n";
OX_801ff11a += "<"+"div id=\"div-gpt-ad-4sm-160\">\n";
OX_801ff11a += "<"+"script type=\'text/javascript\'>\n";
OX_801ff11a += "googletag.cmd.push(function() {\n";
OX_801ff11a += "googletag.pubads().collapseEmptyDivs(true);\n";
OX_801ff11a += "googletag.defineSlot(\'/316816995/interfans.org\', [[120, 600], [160, 600]],\'div-gpt-ad-4sm-160\')\n";
OX_801ff11a += ".addService(googletag.pubads())\n";
OX_801ff11a += ".setTargeting(\"pg\", _4wpgD.pg)\n";
OX_801ff11a += ".setTargeting(\"asiPlacements\", _4wpgD.key)\n";
OX_801ff11a += ".setTargeting(\"asiBlob\", _4wpgD.blob)\n";
OX_801ff11a += ".setTargeting(\"asiSrv\", _4wpgD.srv);\n";
OX_801ff11a += "googletag.enableServices();\n";
OX_801ff11a += "googletag.display(\'div-gpt-ad-4sm-160\');\n";
OX_801ff11a += "});\n";
OX_801ff11a += "<"+"/script>\n";
OX_801ff11a += "<"+"/div><"+"div id=\'beacon_936cd26e62\' style=\'position: absolute; left: 0px; top: 0px; visibility: hidden;\'><"+"img src=\'https://adx.4strokemedia.com/www/delivery/lg.php?bannerid=7250&campaignid=256&zoneid=3439&loc=https%3A%2F%2Finterfans.org%2Fforum%2F&cb=936cd26e62\' width=\'0\' height=\'0\' alt=\'\' style=\'width: 0px; height: 0px;\' /><"+"/div>\n";
document.write(OX_801ff11a);
HD-Sam
Member
@interforo I found these URLs on your forum and the last one on your homepage. Even though they redirect with a 301, it's probably best to search your template and update them.
http://www.interfans.org/immagini/forum_new.png
http://www.interfans.org/immagini/facebook.png
http://www.interfans.org/immagini/twitter.png
http://www.interfans.org/immagini/sfondoforum.jpg
http://www.interfans.org/immagini/forum_old.png
Homepage: http://www.interfans.org/wp-content/uploads/p4.jpg
For your homepage/WP side, even though this won't cause an insecure flag, your Forum menu link for example still uses HTTP. I recommend using the Really Simple SSL plugin. It converts all sources and links within WordPress to HTTPS.
http://www.interfans.org/immagini/forum_new.png
http://www.interfans.org/immagini/facebook.png
http://www.interfans.org/immagini/twitter.png
http://www.interfans.org/immagini/sfondoforum.jpg
http://www.interfans.org/immagini/forum_old.png
Homepage: http://www.interfans.org/wp-content/uploads/p4.jpg
For your homepage/WP side, even though this won't cause an insecure flag, your Forum menu link for example still uses HTTP. I recommend using the Really Simple SSL plugin. It converts all sources and links within WordPress to HTTPS.
interforo
Active member
I really don't know.
Those all have https
Or:
.node--forum.node--read .node-icon i:before{content: url(/immagini/forum_old.png);}
.node--forum.node--unread .node-icon i:before{content: url(/immagini/forum_new.png);}
HD-Sam
Member
You can view the HTTP "Request Details" here: https://www.webpagetest.org/result/...6ba2676df6009/1/details/#waterfall_view_step1 (Ctrl-F in your browser for http://) :
Although, perhaps you fixed it? When I reran the test just now, all are HTTPS.
One thing I noticed is that some of your URLs use www.interfans.org and some interfans.org. It's recommended to use either the www or the non-www form and stick with one. For example, your WordPress frontend redirects to www while the /forum subfolder redirects to non-www. A minor .htaccess adjustment should do the trick and it may also alleviate any redirection or HTTP/HTTPS issues.
Although, perhaps you fixed it? When I reran the test just now, all are HTTPS.
One thing I noticed is that some of your URLs use www.interfans.org and some interfans.org. It's recommended to use either the www or the non-www form and stick with one. For example, your WordPress frontend redirects to www while the /forum subfolder redirects to non-www. A minor .htaccess adjustment should do the trick and it may also alleviate any redirection or HTTP/HTTPS issues.
tourmeister
Active member
I could use some help.
I just changed my forum over from vB3.8.1 to the newest XF2. In the process, I moved the site to a new VPS. Everything is up and running and seems to be working great. The only issue is that I cannot seem to get the site to show as being secure in my browser. I always have the little yellow triangle on the padlock with the exclamation mark in it.
I have gone through everything I can think of using this resource
My site is,
Two Wheeled Texans
www.twtex.com
I have used the F12 inspector thing in Firefox to search for any instances of "http://" and it tells me there are no results.
My browser shows the "https://" in the URL bar even though the padlock is not showing secure.
I have gone through all the settings in the ADMIN CP that I can think of and still can't figure it out.
I am new to this and have never setup SSL on a site with a forum. It was super easy on my two static HTML websites.
I just changed my forum over from vB3.8.1 to the newest XF2. In the process, I moved the site to a new VPS. Everything is up and running and seems to be working great. The only issue is that I cannot seem to get the site to show as being secure in my browser. I always have the little yellow triangle on the padlock with the exclamation mark in it.
I have gone through everything I can think of using this resource
My site is,
Two Wheeled Texans
www.twtex.com
I have used the F12 inspector thing in Firefox to search for any instances of "http://" and it tells me there are no results.
My browser shows the "https://" in the URL bar even though the padlock is not showing secure.
I have gone through all the settings in the ADMIN CP that I can think of and still can't figure it out.
I am new to this and have never setup SSL on a site with a forum. It was super easy on my two static HTML websites.
Ozzy47
Well-known member
Test Results: www.twtex.com - Why No Padlock?
Why No Padlock? - Why is my SSL web page insecure? Find the culprit!
www.whynopadlock.com
tourmeister
Active member
Test Results: www.twtex.com - Why No Padlock?
Why No Padlock? - Why is my SSL web page insecure? Find the culprit!
Thanks. I have been on that site trying to figure it out.
I suspected the redirects might be a problem.
In the /public_html/ directory, the .htaccess file has the following,
My actual forum is located in the /public_html/forums directory. I do not currently have a home page in the /public_html directory. So when someone comes to the site, I needed to redirect to the /forums/index.php.
There is also an .htaccess file in the /forums directory,
What I need is a redirect that moves users from either www.twtex.com or twtex.com to the /forums/index.php and the code that forces the https. I have never messed with this kind of thing so I don't know how it works or what the statement formats should be.
tourmeister
Active member
Hmmm...
I removed the https: code from the .htaccess file in the /forums directory, so now it is only in the .htaccess in the /public_html directory and the whynopadlock site is happy.
However, it still does not show as secure for me using FireFox.
I removed the https: code from the .htaccess file in the /forums directory, so now it is only in the .htaccess in the /public_html directory and the whynopadlock site is happy.
However, it still does not show as secure for me using FireFox.
tourmeister
Active member
Oh man... This has been like playing whack-a-mole!! BUT, I did get it to work. I am not exactly sure how, other than I walked away to go to the restroom, came back, and just like that it started working! 
I suspect it had something to do with the .htaccess files and a redirect. I finally got those sorted, cleared my browser cache, and restarted the browser.
Now I am off to whack the next mole...
I suspect it had something to do with the .htaccess files and a redirect. I finally got those sorted, cleared my browser cache, and restarted the browser.
Now I am off to whack the next mole...
Similar threads
- Question
- Question
