Sending my shopping cart pages to SSL


(Lesley Maple) #1

Hi everyone. I’m new to RapidWeaver and SSL. I have set up my website using RapidWeaver (ver. 7.2.2) and the Imprint theme as well as using Rapid Cart Pro 4 (ver 4.8.14) I just got an SSL cert for my website and it was installed by GoDaddy on a site hosted by GoDaddy.

Site: http://www.stellasbones.com

I have several pages (Home, About Us, Rates, FAQs) that I don’t necessarily want to be on a secure server and I have the shopping cart pages that I do want on the secure server. How do I have the “Store” link open on https and the rest of the site to open in just regular http?

I know that I could probably just run the whole site under the https but I really like the look of the lines above and below the title/header on each page and on the secure site, that ends up being jumbled and I need to remove it on those pages.

Thanks for any help you can give.

Lesley


(NeilUK) #2

One way to have SSL on just your store pages would be to host your store on a subdomain of stellasbones.com, maybe stellasbones.com/store. It would be a separate site in effect, but your users wouldn’t know that.

Personally, I just SSL the whole site, but I’m not sure if doing that has any huge advantages or disadvantages.


(Michael Frankland) #3

@twiggyann I would probably run the whole thing under SSL.
It’s easier to run it over a whole domain and in fact, Google recommend it:


(Matthew Long) #4

You could simply ensure that your link to the store page explicitly uses the URL https://www.stellasbones.com

In other words, if you use a button or a menu item to navigate to the store page just ensure that you use the ‘URL’ option when setting the link properties in RW, and not the ‘Page’ option. Then type in the URL as written above with ‘https’. This will force the connection to go over SSL for that page alone. As long as you have the correct SSL certificate on the site it will work.

Of course, you could also create a .htaccess file and place it in the root directory of your site. This can then force all pages to go over SSL, no matter whether the user types in ‘www.stellasbones.com’ or ‘stellasbones.com’. They will all be forced to connect securely and it is seamless to the user.


(Doug Bennett) #5

You should try to make the whole site SSL.
Certificates are issued by domain, and some will not work with a subdomain.

I think the problem with the display on SSL has to do with the fonts and jquery files being loaded from HTTP and not HTTPS.
This perhaps is a theme problem.

Why no padlock shows:

Domain Name: www.stellasbones.com
URL Tested: 
https://www.stellasbones.com/
Number of items downloaded on page: 34

	Valid Certificate found.
	Certificate valid through: Feb 19 18:00:01 2019 GMT
Certificate Issuer: GoDaddy.com, Inc. 
SSL Protocols Supported: TLSv1 TLSv1.1 TLSv1.2
	Total number of items: 34
Number of insecure items: 3
Insecure URL: http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Found in: https://www.stellasbones.com/

Insecure URL: http://fonts.googleapis.com/css?family=Roboto+Condensed
Found in: 

https://www.stellasbones.com/rw_common/themes/Imprint/consolidated.css?rwcache=509299410

Insecure URL: http://fonts.googleapis.com/css?family=Oswald:400,700,300
Found in: https://www.stellasbones.com/rw_common/themes/Imprint/consolidated.css?rwcache=509299410

(Doug Bennett) #6

Lesley(@twiggyann),
Did a little more looking into your site

I don’t see what your talking about. If I look at your site with a https://www.stellasbones.com (SSL), it looks the same as the http://www.stellasbones.com (non-SSL). Maybe I just don’t see what your talking about

There are a few more thinks that need to be done to add SSL to your site:

I would also create a support ticket at the theme developers site (https://joeworkman.net/) as the fonts and jquery in the theme should be changed to https://

https://joeworkman.net/

The preview page https://preview.joeworkman.net/imprint/ from his site has same messages:


(Lesley Maple) #7

Thanks so much for all the responses. I am working with GoDaddy to deal with a redirect, I’ll make it so the whole site is secure and I’ll see what Joe Workman says about the insecure bits.

I really appreciate such a fast response.

Lesley