Shopping Cart Operations > Security

SSL Certificate showing mixed usage content

(1/4) > >>

Thumper:
I really like AbanteCart and have it up and running with no issues....except this one. I am not running AbanteCart out of the root of the domain, but rather in a subdomain "shop.mydomain.com". I have the SSL certificate on that subdomain and AbanteCart compes up however I am showing that it is not secure as it has mixed usage. Note: I do have all the correct settings in the "Systems|Settings|Store Details" and I do have "Use SSL" set to ON.

While I'm fairly sure that the credit card information (using the Stripe extension) would be encrypted, I'm afraid that users of my shop may be concerned (and not purchase) if they don't see the complete padlock...but instead see the padlock with a warning triangle.

What mixed usage/content might there be in AbanteCart? I am using it virtually straight out of the box with only my verbiage and five product images.

llegrand:
Be sure that you have the url for BOTH  the Store URL  AND Secure Store URL  with HTTPS://

And this is a handy little tool to help you identify what's causing the padlock not to show correctly on a page.

https://www.whynopadlock.com/index.html

Post back if you're still having an issue.

Lee

Basara:
Hi.

Also if you have some HTML blocks with HTTP urls added or 3rd party extension installed maybe it load some content via HTTP so 'mixed content' warning appear

Thumper:
@ llegrand - Yes, I do have the Store URL and the Secure Store URL set appropriately and correctly. Thanks for the link for the handy tool. That did give me a lot of insight.

@ Basara - I did a basic installation of AbanteCart into mydomain.com/shop because I have other important business related pages under the root domain. The only changes made were text changes in "About Us", the "Main Page" welcome information and the product information. To be able to set a Subject Alternative Name in my GoDaddy UCC SSL certificate I had to set a domain name, thus the shop.mydomain.com name.

When I ran the "whynopadlock" utility, it gave me 57 insecure items, all of them in basic installed files (graphic files like png and jpg and many css files), which I have not altered in any way. (see below - NOTE: I couldn't post external links so I had to change everything to non-links. Add the http and https + mydomain,com in front of the shop folder.)

Total number of items: 94
Number of insecure items: 57

Insecure URL: /shop/storefront/view/default/stylesheet/bootstrap.min.css
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/stylesheet/flexslider.css
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/stylesheet/onebyone.css
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/stylesheet/font-awesome.min.css
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/stylesheet/fonts.google.css
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/stylesheet/style.css
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery-1.11.0.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery-migrate-1.2.1.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/resources/image/18/79/e.jpg
Found in: shop.mydomain.com

Insecure URL: /shop/resources/image/18/76/2.jpg
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/image/banner_image_1.png
Found in: shop.mydomain.com

Insecure URL: /shop/image/thumbnails/18/7a/IICM_jpg-100260-250x250.jpg
Found in: shop.mydomain.com

Insecure URL: /shop/image/thumbnails/18/7a/LEOTrakPremium_jpg-100259-250x250.jpg
Found in: shop.mydomain.com

Insecure URL: /shop/image/thumbnails/18/7a/LEOTrakAdvanced_jpg-100258-250x250.jpg
Found in: shop.mydomain.com

Insecure URL: /shop/image/thumbnails/18/7a/LEOTrakBasic_jpg-100257-250x250.jpg
Found in: shop.mydomain.com

Insecure URL: /shop/image/thumbnails/18/7a/Details_JPG-100256-250x250.jpg
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/image/stars_5.png
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/bootstrap.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/common.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/respond.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery.flexslider.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/easyzoom.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery.validate.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery.carouFredSel.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery.mousewheel.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery.touchSwipe.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery.ba-throttle-debounce.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/jquery.onebyone.min.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/javascript/custom.js
Found in: shop.mydomain.com

Insecure URL: /shop/extensions/banner_manager/storefront/view/default/javascript/banner_manager.js
Found in: shop.mydomain.com

Insecure URL: /shop/storefront/view/default/fonts/glyphicons-halflings-regular.eot
Found in: /shop/storefront/view/default/stylesheet/bootstrap.min.css

Insecure URL: /shop/storefront/view/default/fonts/glyphicons-halflings-regular.eot?
Found in: /shop/storefront/view/default/stylesheet/bootstrap.min.css

Insecure URL: /shop/storefront/view/default/fonts/glyphicons-halflings-regular.woff2
Found in: /shop/storefront/view/default/stylesheet/bootstrap.min.css

Insecure URL: /shop/storefront/view/default/fonts/glyphicons-halflings-regular.woff
Found in: /shop/storefront/view/default/stylesheet/bootstrap.min.css

Insecure URL: /shop/storefront/view/default/fonts/glyphicons-halflings-regular.ttf
Found in: /shop/storefront/view/default/stylesheet/bootstrap.min.css

Insecure URL: /shop/storefront/view/default/fonts/glyphicons-halflings-regular.svg
Found in: /shop/storefront/view/default/stylesheet/bootstrap.min.css

Insecure URL: /shop/storefront/view/default/image/bg_direction_nav.png
Found in: /shop/storefront/view/default/stylesheet/flexslider.css

Insecure URL: /shop/storefront/view/default/image/carousalarrow.png
Found in: /shop/storefront/view/default/stylesheet/flexslider.css

Insecure URL: /shop/storefront/view/default/image/slderleftimg.png
Found in: /shop/storefront/view/default/stylesheet/flexslider.css

Insecure URL: /shop/storefront/view/default/image/banner_shadow.png
Found in: /shop/storefront/view/default/stylesheet/onebyone.css

Insecure URL: /shop/storefront/view/default/image/circles.png
Found in: /shop/storefront/view/default/stylesheet/onebyone.css

Insecure URL: /shop/storefront/view/default/image/back.png
Found in: /shop/storefront/view/default/stylesheet/onebyone.css

Insecure URL: /shop/storefront/view/default/image/forward.png
Found in: /shop/storefront/view/default/stylesheet/onebyone.css

Insecure URL: /shop/storefront/view/default/fonts/fontawesome-webfont.eot?v=4.4.0
Found in: /shop/storefront/view/default/stylesheet/font-awesome.min.css

Insecure URL: /shop/storefront/view/default/fonts/fontawesome-webfont.eot?
Found in: /shop/storefront/view/default/stylesheet/font-awesome.min.css

Insecure URL: /shop/storefront/view/default/fonts/fontawesome-webfont.woff2?v=4.4.0
Found in: /shop/storefront/view/default/stylesheet/font-awesome.min.css

Insecure URL: /shop/storefront/view/default/fonts/fontawesome-webfont.woff?v=4.4.0
Found in: /shop/storefront/view/default/stylesheet/font-awesome.min.css

Insecure URL: /shop/storefront/view/default/fonts/fontawesome-webfont.ttf?v=4.4.0
Found in: /shop/storefront/view/default/stylesheet/font-awesome.min.css

Insecure URL: /shop/storefront/view/default/fonts/fontawesome-webfont.svg?v=4.4.0
Found in: /shop/storefront/view/default/stylesheet/font-awesome.min.css

Insecure URL: /shop/storefront/view/default/image/sprite.png
Found in: /shop/storefront/view/default/stylesheet/style.css

Insecure URL: /shop/storefront/view/default/image/offer.png
Found in: /shop/storefront/view/default/stylesheet/style.css

Insecure URL: /shop/storefront/view/default/image/sale.png
Found in: /shop/storefront/view/default/stylesheet/style.css

Insecure URL: /shop/storefront/view/default/image/new.png
Found in: /shop/storefront/view/default/stylesheet/style.css

Insecure URL: /shop/storefront/view/default/image/rate.png
Found in: /shop/storefront/view/default/stylesheet/style.css

Insecure URL: /shop/storefront/view/default/image/arrowcategory.png
Found in: /shop/storefront/view/default/stylesheet/style.css

Insecure URL: /shop/storefront/view/default/image/footericon.png
Found in: /shop/storefront/view/default/stylesheet/style.css

Insecure URL: /shop/storefront/view/default/image/gotop.png
Found in: /shop/storefront/view/default/stylesheet/style.css

Shouldn't these items be secure items in your basic installation? For what it's worth, and I don't want to switch back, but my ZenCart installation under mydomain/store folder is fully secure with my main domain's SSL certificate which is supposed to cover all folders under the domain. It appears to do that with ZenCart...why not in AbanteCart even with my UCC SSL certificate?

eCommerce Core:
What is your URL?

Navigation

[0] Message Index

[#] Next page

Go to full version
Powered by SMFPacks Social Login Mod