HTTPS / htacces

    • 303 posts
    November 25, 2018 3:04 PM EST

    Hello 

    I have tried the following 

    https://support.socialengine.com/php/customer/en/portal/articles/2036045-how-to-protect-your-site-using-ssl-and-https?b_id=14386

    This either killed my site ( didnt load ) or the www section would just make my site unsecure with no style sheet still.  

     

    The issue im having is my site using a secure connection (https ) but trying to deliver an unsecure ( http css file. This issue is only present on the landing page. Once logged in its fine.

    I searched the forums and found a similar post but it referred to the google font in theme.css , I added full https//mydomain.com link to the css file but this didnt help either. 

    I followed the KB guide on file perms but that also did nothing. 

     

    My setup is Centos 7.5 WHM/Cpanel with Engintron and php7.2 

     

    Any help would be great. 

     

    I did some googling but other than the KB it only brought up " undesirable " websites. 

     

    Thanks 

    • Moderator
    • 6923 posts
    November 25, 2018 5:53 PM EST

    I've not had any trouble with SSL on my sites. I use let's encrypt for SSL and we do here too. I guess see what the non secure stuff is via inspect element. I checked my own site which uses insignia theme and it's secure with no issues. You can see in the below that there are no errors here. This is the same result I get at my own site.

    • 303 posts
    November 25, 2018 6:02 PM EST

    its the style sheets thats causing me the issue. I was using auto ssl via WHM, i'll check into using lets encrypt as i have used this before for all my nginx servers. 

     

    • Moderator
    • 6923 posts
    November 26, 2018 5:00 AM EST

    Hmmm it should say more than that and point to the actual file that's causing the issue. Are you using insignia? 

    • 303 posts
    November 26, 2018 5:12 AM EST

    I was using the default theme, It did show more I was just not showing the domain that was all, being lazy i guess. I have had to reinstall my server as even reverting back to normal didnt fix anything. Currently im on http now with a fresh install. I'll tackle this again today and see about using lets encrypt instead. I will update with what happens 

    • 629 posts
    November 30, 2018 12:58 AM EST

    You could technically use a rewrite in .htaccess to force https redirects globally. This way the files are always put through https connections.