Not Secure Issue on Safari

Hi everyone,

I have just published my website: risk-pmo.com

I used a2 hosting for it, and I just installed an SSL for the website to make it secure. On Google Chrome, it shows that my website is secure. However, when I go through Safari on my iPhone, it shows that the website is not secure. I have an SSL downloaded though, so I am really unsure what I should do.

Does anyone know how to make it so that it doesn’t show Not Secure on Safari through a2 hosting?

Thanks

It looks like you haven’t set up a redirect to the https:// version, which means the insecure version is still available.

Have you added anything to the htaccess file for the redirect?

1 Like

According to whynopadlock the .htaccess file should look like this

RewriteEngine On
RewriteCond %{HTTP_HOST} risk-pmo\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://risk-pmo.com/$1 [R,L]
1 Like

You also need to deal with forcing www or removing www.

I did the https on Cpanel and it works on all browsers

Not secure with www
http://www.risk-pmo.com/

Thanks to you all,

I used the code that Doug referred to in the other post that he attached in the comment, and I believe it worked.

Please listen to this…

Hi I also was having trouble with my SSl cert and getting my site to redirect. I used the htaccess code given below, it worked and redirected the page but lost all the formatting. I enclose a screen shot of both. has anyone else had this problem.

Any help would be appreciated. Thanks

You have to make sure you set the web address in RW general settings and publishing settings to https://… as well and republish all files. Have you done that?

Yes, I added robbeaties’s script. I republished all the files again and at least the website looks ok again but I am still not getting a secure link.

I’d suggest you don’t do redirects until you are sure you don’t have mixed content on the site. I don’t see a URL anywhere in the post so Can’t check for you.

Okay,
The only thing I see from Rob on this thread isn’t a script but htaccess file directives.

Going SSL is pretty straight forward

  1. Get the SSL certificate installed on your host account
  2. Switch the web address in RW from http to https
  3. republish all files from RapidWeaver
  4. check every page for mix content with something like Why No Padlock. Make sure you fix all active mixed content before attempting any redirects or you will break the site.
  5. Then and only then do redirects from http to https

Hi everyone, thanks for your help on this. I used Why No Padlock and followed their instructions and everything is now working up to a point. I am now getting these messages.


Any ideas how to fix this. Please.

Hard to tell from screenshots and I’m not going to try and retype the URL from a screenshot.

Sounds like you are maybe using warehoused images?

You need to change those to https as well.

There’s an image that’s still loading using http://. It needs to use https://. The image is the background image.

background-image:url('http://www.aromawellnesstherapies.com/5oil/radial-gradient(at%20center%20top,%20rgba(255,%20255,%20255,%200.12%200%,%20rgba(255,%20255,%20255,%200%2070%))');
1 Like

Hi Neil, thanks for that. When I inspect the pages in a web-browser I can see the issue. I am using the Affero theme and I cannot get to change the html. I have two websites, 1: www.holisticharmonies.com which is not giving the same issue and I also use Affero on it. 2: www.aromawellnesstherapies.com which is a sub-domain of the first. Would this be the problem. Any help greatly appreciated as I am not too well up on the technical side of things.

It looks like the image has been inserted using “Content Tools” or “Quick Edit”. Neither of those are part of RW, I think.

Are you using some kind of external widget or custom CSS feature?

Hi Neil, I am using Quick Edit on both sites. I removed it from the Aromawellness site and the site is now fully secure. However I have it also installed on my second site and I have no problems. As long as the site is secure I’m happy. Thanks for your help,
Michael