I just realized that none of our shopping cart order registration are secured. In other words there is no lock incon on any of the browsers and we get the following alerts from
You have requested an encrypted page that contains some unencrypted information. Information that you see or enter on this page could easily be read by a third party.
This page has insecure content.
Can any steer me in the right direction? I thought there was security on these pages before. Something change?
Most likely when the site switches to SSL your page or template still references files, images, etc using http. You'll need to check your template and page and remove the http reference and use relative links or absolute using https.
For more details on how to resolve please view this article below.
They used to be secured, but not as of recently.
Can you tell me what is not a secured link? Would the social networking icons be the culprit?
https://lindalarsen.worldsecuresystems.com/OrderRetrievev2.aspx?Step=1 3&CartID=370a6da9-c5a5-4b57-964d-342f68ecbe27&CheckOut=1&ANONID=f12a54 d7-ecdb-4e1a-977b-9bd64b6c3e26&VISID=33262a5a-b7d7-4aa6-8e26-9ca597b34 f73%23www.lindalarsenmotivationalspeaker.com%2308.08.2012+14%3a57%3a37 .688&VID=0&VSV=&SelectedRateKey=
Sorry to bother, but I created a clean template for the store, void of any external and absolute http: links. However, the checkout process isn't following format and pulls another template. How does one assign templates to and beginning with the store page?
Yes, got it to work. Had remove alot of the template js, social networking refs, addthis code, and even TypeKit reference. That was the one I was hoping I could keep, but alas it did have to be removed.
Any way around that? No, biggy, because the problem has been solved!
Joel, for anything like Typekit for example if you use post relative protocol for the url you get around the https http issue:
Normal URL but you would encounter issues on https:
Change the start to be like this:
You get the automatic use of HTTPS on secure pages and avoid the overhead of HTTPS on non-secure pages. Downside is that between https and http the client user has to re-download but for the odd thing and hassle of insecure content this is a good solution.
At any time local files etc you do src="/...." of course.
@font-face for example is also a better implementation then typekit across http and https and performance as well. Google fonts also have an @import version to load the fonts in for your CSS.