Announcement

Collapse
No announcement yet.

Site says not secure.

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Site says not secure.

    Some members are asking me about this. In the URL address, it's saying not secure. What can I do to correct this?

    Click image for larger version

Name:	secure.jpg
Views:	53
Size:	13.9 KB
ID:	4401600

  • #2
    We are getting similar member reports, if they click on any email links such as forgotten password or activation links, they get a site not secure warning.
    __________________________________________
    We don't stop playing because we grow old;
    we grow old because we stop playing.
    GBS

    Comment


    • #3
      Thanks for replying, but what can we do about it. Some members go crazy...

      Comment


      • #4
        I've asked about this....
        MARK.B | vBULLETIN SUPPORT

        TalkNewsUK - My vBulletin 5.5.2 Demo
        AdminAmmo - My Cloud Demo

        Comment


        • #5
          Originally posted by montana rover View Post
          Some members are asking me about this. In the URL address, it's saying not secure. What can I do to correct this?

          Click image for larger version

Name:	secure.jpg
Views:	53
Size:	13.9 KB
ID:	4401600
          Ok for this site, on your home page you have an embedded image loaded over http rather than https, which is giving a mixed content warning:

          http://www.rvresources.com/images/rvresourceslogo.gif

          You'll need to load that over https instead, that will fix your problem.
          MARK.B | vBULLETIN SUPPORT

          TalkNewsUK - My vBulletin 5.5.2 Demo
          AdminAmmo - My Cloud Demo

          Comment


          • #6
            Originally posted by MrsTiggywinkle View Post
            We are getting similar member reports, if they click on any email links such as forgotten password or activation links, they get a site not secure warning.
            I'm not seeing any issue on your site, can you replicate the problem yourself using a test account and requesting a new password?
            MARK.B | vBULLETIN SUPPORT

            TalkNewsUK - My vBulletin 5.5.2 Demo
            AdminAmmo - My Cloud Demo

            Comment


            • #7
              It's inevitable for forums with user-generated content that someone would embed an external image pointing to an http address. In that case, you would get mixed content error causing no padlock icon in the address bar. To avoid that, add this in the head.

              HTML Code:
              <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content" />
              To add it on self-hosted version, you simply paste the code in head_include template.

              For vBCloud, you can re-purpose the Search Engine Tools > Google Ownership Verification HTML tag in AdminCP and add the meta tag there. Be sure to enable the Enable Google Ownership Verification if it's not enabled yet.

              GIPHY for vB5 AutoLinker Auto-Create Flag Report Topic Social Icons in Postbit Clear Cache Cron DragDrop Upload Topic AJAX AutoUpdate Custom Avatars Selector Stop Links in Posts...and more!

              Comment


              • #8
                Thanks Glenn
                vB Mods That Rock!

                Comment


                • #9
                  Originally posted by Mark.B View Post

                  I'm not seeing any issue on your site, can you replicate the problem yourself using a test account and requesting a new password?
                  I will try Mark and see what happens. (Might have to be tomorrow, half term here and grandparent duties for 4 hyper grandchildren )

                  I have asked members what browser they use but no reply yet, I heard the latest Firefox might be showing Https sites as not secure but can't find any firm reports.

                  __________________________________________
                  We don't stop playing because we grow old;
                  we grow old because we stop playing.
                  GBS

                  Comment


                  • #10
                    Originally posted by Glenn Vergara View Post
                    It's inevitable for forums with user-generated content that someone would embed an external image pointing to an http address. In that case, you would get mixed content error causing no padlock icon in the address bar. To avoid that, add this in the head.

                    HTML Code:
                    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content" />
                    To add it on self-hosted version, you simply paste the code in head_include template.

                    For vBCloud, you can re-purpose the Search Engine Tools > Google Ownership Verification HTML tag in AdminCP and add the meta tag there. Be sure to enable the Enable Google Ownership Verification if it's not enabled yet.
                    Thanks Glenn I will add that but not sure it would fix the email problem as the links are definitely https.
                    __________________________________________
                    We don't stop playing because we grow old;
                    we grow old because we stop playing.
                    GBS

                    Comment


                    • #11
                      Originally posted by MrsTiggywinkle View Post

                      Thanks Glenn I will add that but not sure it would fix the email problem as the links are definitely https.
                      Mixed content won't affect links in an email, unless there's an insecure image embedded in the page linked to, which is unlikely.
                      MARK.B | vBULLETIN SUPPORT

                      TalkNewsUK - My vBulletin 5.5.2 Demo
                      AdminAmmo - My Cloud Demo

                      Comment


                      • #12
                        Thank you Mark for pointing me in the right direction. He's was my issue.

                        I had added a "Static Module" and within it I added 3 external links and their banners in the module HTML box to show this below. It's a screen shot so clicking on it won't work.

                        Click image for larger version

Name:	secure3.jpg
Views:	66
Size:	37.1 KB
ID:	4401677


                        When I opened up the module and looked at the HTML code, 4 out of 6 URL didn't have the "S" after the "P" http:// to be https://. See photo below.

                        Click image for larger version

Name:	secure1.jpg
Views:	41
Size:	116.6 KB
ID:	4401678


                        After making the corrections, I now have a secure site!!!! Members are HAPPY once again.

                        Click image for larger version

Name:	secure2.jpg
Views:	42
Size:	5.2 KB
ID:	4401679

                        Hope this helps others.

                        Comment


                        • #13
                          Originally posted by Mark.B View Post

                          I'm not seeing any issue on your site, can you replicate the problem yourself using a test account and requesting a new password?
                          I tested it Mark.B without any problems. Will just have to wait until it happens again and try to find out what browser they use or what steps they did at the time.
                          __________________________________________
                          We don't stop playing because we grow old;
                          we grow old because we stop playing.
                          GBS

                          Comment

                          widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                          Working...
                          X