Solved: Some trouble switching to https

michilge · 2016-12-20 01:25:55

Hello community,

my hosting provider talked me into investing in a certificate which I delayed until now fearing the hassle of transition.
Now it has happened.

What are the places I have to touch?
I already changed may backlight settings, site settings in Wordpress, the typography section of all my templates for the url of locally hosted fonts. I cleared the template cache and exported the WP-Theme to wordpress after changing the url to the fonts.
For good measure I activated a standard WP-theme and switched back to my Backlight theme.

When I view a page from my WP blog, my site is still marked as partly insecure by firefox. When I look at the page source in firefox, the links to my custom.css and font-awesome.css still are http-links.
On gallery pages everything is fine.

Can I help myself with a rewrite rule?
Is that good practice?
And if yes, how is that done?

My site is at https://fotos.michilge.de/blog

Thank You in advance.
Best wishes to everybody
Michael

Edit: I believe, I could clear most of my problems by logging out of backlight admin, logging in again via a https-URL, touching my default menu and exporting the WP-theme once again.

Last edited by michilge (2016-12-21 06:27:28)

rod barbee · 2016-12-20 01:36:41

have you cleared browser cache? I just looked at your WP blog and the page source shows your custom css coming from

https://fotos.michilge.de/backlight/custom/css/mh_custom.css?ver=4.6.1

In fact, all the style sheets and script links in the source code contain https

michilge · 2016-12-20 01:42:42

Hello Rod,

You were quick, but I was quicker ;-) See my edit above.

What's left is edit my custom.css itself, but the ftp-server won't let me access fron this computer.

Thank You!
Michael

michilge · 2016-12-20 02:21:45

Update: After some research I added this to my .htaccess file:

RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://%{HTTP_HOST}/$1 [R=301,L]

Intention is to avoid
- that content will be seen double by search engine crawlers which is said to have negative influence on rankings
- that content can be accessed unencrypted at all

Any thoughts on that?

michilge · 2016-12-21 06:37:48

What I also had to do was touching the masthead image and other images on my static Backlight pages.
Thsi means logging into Backlight via a https-connection, go to the masthead section of my templates, choose the masthead file from the dropdown list containing the uploaded files and save. Clear the template cache of course.
Reloading the Gallery in another browser window will now result in loading the identity plate via https.

jherman · 2016-12-25 23:03:38

Like michilge, I paid several years ago for an https: certificate and had never gotten around to implementing. The conversion actually required a number of changes including:
- Backlight settings
- Menus
- Pages and templates - for the masthead image to work properly, I had to change image to anything else and then back to original
- .htaccess
- WP settings
- LR - don't forget to change the TTG Publisher, no need to re publish

I use a number of internal links to other pages and need to change them to reflect https:, only about half done at present.

Problem.... I keep getting the following error on all browsers and all pages and have not been able to find and fix it:

Mixed Content: The page at 'https://jamesherman.net/galleries3/1_cambodia/' was loaded over HTTPS, but requested an insecure script 'http://widget.fotomoto.com/stores/scrip … 1269330677'. This request has been blocked; the content must be served over HTTPS.

This is just an example but the error is on all pages. I use the free Fotomoto service and cannot change the website without deleting and restarting - possibly with loss of my current pricing structure.

Before going the brute force route, can anyone confirm this is a Fotomoto problem and not a Backlight issue?

Matthew · 2016-12-26 15:26:34

The URL is hard-coded into Backlight. There might be a better way of handling this. In the meantime, you can edit the file /backlight/modules/standard-page/dynamic/view/page.html, then find:

<script src="http://widget.fotomoto.com/stores/script/

Update that to use "https"... instead, and give things a try. Please post back here; I'd love to hear whether that works for you with no further changes.

jherman · 2016-12-26 21:43:06

Were it only that easy. Changed to:

<script src="https://widget.fotomoto.com/stores/script/

The site no longer reports a security error and Fotomoto now works as expected. Not sure of the importance of the new errors, my impression is this is now Fotomoto code over which we have no control:

My sinking suspicion is that I also need to change the Fotomoto linked site, in the free case remove and link to the new https:// site with likely loss of pricing structure. Since Fotomoto now works on the secure site and the browser no longer complains of a security breach. I am inclined to leave for now.

Last edited by jherman (2016-12-26 21:54:32)

Matthew · 2016-12-27 12:31:27

Can you link me to a page that exhibits these errors?

jherman · 2016-12-28 05:27:00

I am still cleaning up some internal references which are not yet using https but most pages whether they are using Fotomoto or not have the error. I would suggest starting with my Featured page - all the galleries here have a Fotomoto enabled template.

Featured galleries with Fotomoto enabled template: https://jamesherman.net/galleries/
Galleries without Fotomoto enabled template: https://jamesherman.net/galleries2/turk … favorites/

charlie.choc · 2016-12-28 08:29:58

I have both http and https enabled on my site for transition purposes and the videos I have added as tests play fine in http but don't play at all in https?

An example is https://stalkinglight.com/galleries/vid … -solstice/

error: 13:41:07.865 Blocked loading mixed active content “http://www.youtube.com/embed/QPQt1Zed4Jg?modestbranding=1&autohide=1&wmode=opaque&autoplay=1&rel=0&showinfo=0&hd=1&fs=1” 1 holly-solstice
13:41:08.074 Blocked loading mixed active content “http://www.youtube.com/embed/QPQt1Zed4Jg?modestbranding=1&autohide=1&wmode=opaque&autoplay=1&rel=0&showinfo=0&hd=1&fs=1” 1 resource.php:92:16871

Last edited by charlie.choc (2016-12-29 03:55:15)

Matthew · 2016-12-28 17:54:19

jherman wrote:

I am still cleaning up some internal references which are not yet using https but most pages whether they are using Fotomoto or not have the error. I would suggest starting with my Featured page - all the galleries here have a Fotomoto enabled template.
Featured galleries with Fotomoto enabled template: https://jamesherman.net/galleries/
Galleries without Fotomoto enabled template: https://jamesherman.net/galleries2/turk … favorites/

Well, the console error reported on fotomoto-min.js is in Fotomoto's court.

The other error is on this script:

window.onload = function() {
document.getElementById("q").focus();
}

... and insofar as I can tell, that's not in Backlight. Did you add this yourself?

I'm guessing, but I think you want this to auto-focus on the input field on your search page, yes? So on any page that is not your search page, this serves no purpose. Rather than just getting the element "q", you should probably check for its existence first. We're loading jQuery, so it's probably easier to do use that:

if ( $('#q').length ) {
	$('#q').focus();
}

And that should cause no error to be thrown.

charlie.choc · 2016-12-29 08:36:36

I also tested vimeo videos with the same result and error, plays fine in http but not in https. It seems that somewhere http://youtube or vimeo is hard coded and the https site doesn't like the insecure content. I think I've changed all the settings in backlight and lightroom to https so not sure where to go from here. Video isn't that important to me now but when I get my Mavic Pro that might change. ;-)

Right now I have http and https virtual servers but would like to get rid of the http ones.

Thanks.

jherman · 2016-12-31 08:12:15

On the Fotomoto front, I suspected as much. Tried creating a new store, lost pricing structure as expected, not a huge loss at this point. Fotomoto does not seem to recognize an https:// site and automatically prepends http://. No help there. I have contacted the Fotomoto community for suggestions and will update as I learn more.

Regarding the other error, Matt is correct. attempted to automatically add focus on the Contact page. Seems to work but causes an error, see Rod's comments on http://community.theturninggate.net/vie … hp?id=7229.

I have fiddled with Matt's suggestion but have not yet made it work. Not that important. Have left commented out for now. Will try again soon.

jherman · 2017-01-01 05:58:01

Received this from Fotomoto:

Thank you for providing the page and screenshot. I was able to replicate the warnings you mentioned.
At first glance these do not look like security errors, rather just warnings that some elements are deprecated, which typically means that parts of the code are being phased out.
My initial suggestion is that there shouldn't be any impact to your ability to use Fotomoto on your site, but I will pass this along to our engineering team for their appraisal and response. Please do note that we check Fotomoto regularly and update code as needed to make sure all works as it should.
I'll post a more official response after I have word from our engineers.
Thanks again for pointing this out and kind regards,
Derek

sobhsepid · 2018-02-19 01:30:16

I think I've changed all the settings in backlight and lightroom to https so not sure where to go from here. Video isn't that important to me now but when I get my Mavic Pro that might change. ;-)

powerfulphotography · 2018-11-09 01:30:49

I am using Backlight and am still having problems converting to https I have changed the, .htaccess code

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://%{HTTP_HOST}/$1 [R=301,L]

and still no joy, all my url links have been changed to https also

http://powerfulphotography.co.uk/galleries/

Please help

rod barbee · 2018-11-09 02:17:06

What is the actual problem? Your site seems to be working as expected. All links I looked at start with htttps.

Daniel Leu · 2018-11-09 02:38:05

This is what I'm using and I have it as a separate section (eg, not merged with the other IfModule section):

<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{HTTPS} off
	RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>

powerfulphotography · 2018-11-09 05:51:30

That has worked a treat thank you, is there any way that https can be forced to activate if someone used an old http link?

Last edited by powerfulphotography (2018-11-09 06:06:49)

Daniel Leu · 2018-11-09 07:48:20

powerfulphotography wrote:

That has worked a treat thank you, is there any way that https can be forced to activate if someone used an old http link?

This is what the code does. For my host, I had to edit Backlight > Admin > Settings > Advanced Settings and add this code to the .htaccess section and then perform Backlight > Admin > Upgrade Album Files.

Daniel Leu · 2018-11-09 08:34:10

powerfulphotography wrote:

I don't seem to have Backlight > Admin > Upgrade Album Files. with my version of TTG Backlight version: 1.2.3

Go to the backlight admin page, then there is a section called Special Links.

rod barbee · 2018-11-09 08:39:41

In Backlight 1 that link is actually in the Publisher Dashboard page. In the menu, go to Backlight > Publisher

powerfulphotography · 2018-11-09 08:42:03

Found the problem for me it's under Backlight > Publisher > Upgrade Album Files works like a treat thanks

Community @ The Turning Gate

#1 2016-12-20 01:25:55

Solved: Some trouble switching to https

#2 2016-12-20 01:36:41

Re: Solved: Some trouble switching to https

#3 2016-12-20 01:42:42

Re: Solved: Some trouble switching to https

#4 2016-12-20 02:21:45

Re: Solved: Some trouble switching to https

#5 2016-12-21 06:37:48

Re: Solved: Some trouble switching to https

#6 2016-12-25 23:03:38

Re: Solved: Some trouble switching to https

#7 2016-12-26 15:26:34

Re: Solved: Some trouble switching to https

#8 2016-12-26 21:43:06

Re: Solved: Some trouble switching to https

#9 2016-12-27 12:31:27

Re: Solved: Some trouble switching to https

#10 2016-12-28 05:27:00

Re: Solved: Some trouble switching to https

#11 2016-12-28 08:29:58

Re: Solved: Some trouble switching to https

#12 2016-12-28 17:54:19

Re: Solved: Some trouble switching to https

#13 2016-12-29 08:36:36

Re: Solved: Some trouble switching to https

#14 2016-12-31 08:12:15

Re: Solved: Some trouble switching to https

#15 2017-01-01 05:58:01

Re: Solved: Some trouble switching to https

#16 2018-02-19 01:30:16

Re: Solved: Some trouble switching to https

#17 2018-11-09 01:30:49

Re: Solved: Some trouble switching to https

#18 2018-11-09 02:17:06

Re: Solved: Some trouble switching to https

#19 2018-11-09 02:38:05

Re: Solved: Some trouble switching to https

#20 2018-11-09 05:51:30

Re: Solved: Some trouble switching to https

#21 2018-11-09 07:48:20

Re: Solved: Some trouble switching to https

#22 2018-11-09 08:34:10

Re: Solved: Some trouble switching to https

#23 2018-11-09 08:39:41

Re: Solved: Some trouble switching to https

#24 2018-11-09 08:42:03

Re: Solved: Some trouble switching to https

Board footer