Jump to content

https connection is no longer secure according to browsers


Recommended Posts



How do I check what makes my website unsecure? I updated 4 .css files, now my website is not secured. I thought css files only affected the layout. Currently chrome is turning https red and mozilla does not have the "verified by equifax" prefix anymore.

Please help!




I did a bit of research and found the error's origin. One of the modules causing this with the unsecure images. I checked the .tpl files and found this:-



{if $fbtwgconnectfbbutton == "on"}

<a href="javascript:void(0)" onclick="return fblogin();" title="Facebook">

<img src="{$base_dir}modules/fbtwgconnect/img/icon/fb.png" class="width_fbtwgconnect" />




I believe I need to change $base_dir but not sure to what. $base_dir_ssl or $content_dir?


Thank you.

Link to comment
Share on other sites

  • 3 weeks later...
  • 1 month later...
  • 3 weeks later...
  • 4 weeks later...

I have this issue on the domain https://www.turbopc.com.au


In Chrome I get the message on page call up: This page has insecure content. Learn More


After accepting to load the page with insecure content the URL Bar shows:




Also the page layout is not displaying properly, at both stages about indicating an CSS issue.


The Source file displays the following & is attached:


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<html xmlns="en">


<title>Constance Collections</title>

<meta name="Shop powered by PrestaShop" />

<meta name="shop, prestashop" />

<meta http-equiv="application/xhtml+xml; charset=utf-8" />

<meta name="PrestaShop" />

<meta name="index,follow" />

<link rel="image/vnd.microsoft.icon" href="http://www.constancecollections.com.au/img/favicon.ico?1339397131" />

<link rel="image/x-icon" href="http://www.constancecollections.com.au/img/favicon.ico?1339397131" />

<script type="/themes/theme261/css/global.css" rel="text/css" media="/modules/blockstore/blockstore.css" rel="text/css" media="/css/jquery.autocomplete.css" rel="text/css" media="/modules/productscategory/productscategory.css" rel="text/css" media="/css/jquery.jgrowl.css" rel="text/css" media="http://fonts.googleapis.com/css?family=Lobster' rel='text/css'>

<script type="/js/jquery/jquery-1.4.4.min.js"></script>

<script type="/js/jquery/jquery.easing.1.3.js"></script>

<script type="/js/tools.js"></script>

<script type="/modules/blockcart/ajax-cart.js"></script>

<script type="/themes/theme261/js/tools/treeManagement.js"></script>

<script type="/js/jquery/jquery.autocomplete.js"></script>

<script type="/modules/productscategory/productscategory.js"></script>

<script type="/js/jquery/jquery.serialScroll-1.2.2-min.js"></script>

<script type="/js/jquery/jquery.jgrowl-1.2.1.min.js"></script>


The Store is running PrestaShop™


The SSL Certificate is correctly set up on the server & SSL is also enabled in the Store's Admin Panels Preferences !!!


Any advise or suggestion here would be greatly appreciated.



Link to comment
Share on other sites

  • 2 weeks later...

The SSL problem reported here, specific to the turbopc.com.au website, is now FIXED.


Amazingly the SSL problem was not with The Store running PrestaShop™


The problem was due to an incomplete sign up process, required with the new CloudCache module, which we believe is only available for PrestaShop™ which was installed on the Store.




CloudCache v1.2 by PrestaShop

Supercharge your Shop with the CloudCache.com Content Delivery Network (CDN).




This module was installed at the > Modules > Administration page by the Turbo PC Store owner.


However, the module requires an additional sign up process at the CloudCache server.


We believe that because this was not completed by the Store Owner, after installing the CloudCache module, it broke the Store's SSL as previously reported.


When the Store Owner installed the CloudCache module, it writes a tools.php in override/classes folder. By deleting this file the SSL worked as did the meta tags.



SSL problems after upgrade to, images passing through http instead of https






I have fixed this issue, there was a tools.php in override/classes folder. I deleted it and now the problem has disappeared. No idea how that file got there.




With Turbo PC here is what the 'Index Page' Source File looks like after the tools.php in override/classes folder was deleted.


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">


<title>TurboPC </title>

<meta name="description" content="Shop powered by PrestaShop" />

<meta name="keywords" content="shop, prestashop" />

<meta http-equiv="Content-Type" content="application/xhtml+xml; charset=utf-8" />

<meta name="generator" content="PrestaShop" />

<meta name="robots" content="index,follow" />

<link rel="icon" type="image/vnd.microsoft.icon" href="https://www.turbopc.com.au/img/favicon.ico?1341227241" />

<link rel="shortcut icon" type="image/x-icon" href="https://www.turbopc.com.au/img/favicon.ico?1341227241" />

<script type="text/javascript">

var baseDir = 'https://www.turbopc.com.au/';

var static_token = 'ea3db6e46e681dcf61fe32b41ff156e5';

var token = 'f7a2a8843601695ca1252e2d198c679c';

var priceDisplayPrecision = 2;

var priceDisplayMethod = 0;

var roundMode = 2;


<link href="/themes/theme298/css/global.css" rel="stylesheet" type="text/css" media="all" />

<link href="/modules/blockstore/blockstore.css" rel="stylesheet" type="text/css" media="all" />

<link href="/css/jquery.autocomplete.css" rel="stylesheet" type="text/css" media="all" />

<link href="/css/jquery.jgrowl.css" rel="stylesheet" type="text/css" media="all" />

<link href='http://fonts.googleapis.com/css?family=Open+Sans:400,600,700' rel='stylesheet' type='text/css'>

<script type="text/javascript" src="/js/jquery/jquery-1.4.4.min.js"></script>

<script type="text/javascript" src="/js/jquery/jquery.easing.1.3.js"></script>

<script type="text/javascript" src="/js/tools.js"></script>

<script type="text/javascript" src="/modules/blockcart/ajax-cart.js"></script>

<script type="text/javascript" src="/themes/theme298/js/tools/treeManagement.js"></script>

<script type="text/javascript" src="/js/jquery/jquery.autocomplete.js"></script>

<script type="text/javascript" src="/js/jquery/jquery.jgrowl-1.2.1.min.js"></script>



Edited by tecknow (see edit history)
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...