This topic contains 6 replies, has 2 voices, and was last updated by 
Rogier Lankhorst 2 years, 3 months ago.
- Posts
sophiaHi so my site is still showing that I have 5 insecure items that Real Simple SSL isnt fixing for some reason and I cant find them manually fix them myself. Its making my site unusable.
—–these are the 5 insecure items:
Total number of items: 131
Number of insecure items: 5
Insecure URL: http://fonts.googleapis.com/css?family=Black+Ops+One%7CLuckiest+Guy%7CSonsie+One%7CShojumaru&effect=3d%7C3d-float%7Canaglyph%7Cbrick-sign%7Ccanvas-print%7C%20%20crackle%7Cdecaying%7Cdestruction%7Cdistressed%7Cdistressed-wood%7Cemboss%7Cfire%7Cfire-animation%7Cfragile%7Cgrass%7Cice%7Cmitosis%7Cneon%7Coutline%7Cputting-green%7C%20%20%20%20%20%20%20%20%20%20%20%20scuffed-steel%7Cshadow-multiple%7Csplintered%7Cstatic%7Cstonewash%7Cvintage%7Cwallpaper
Found in: https://wearrose.com/Insecure URL: http://fonts.gstatic.com/s/blackopsone/v7/2XW-DmDsGbDLE372KrMW1SbsRidxnYrfzLNRqJkHfFo.ttf
Found in: http://fonts.googleapis.com/css?family=Black+Ops+One%7CLuckiest+Guy%7CSonsie+One%7CShojumaru&effect=3d%7C3d-float%7Canaglyph%7Cbrick-sign%7Ccanvas-print%7C%20%20crackle%7Cdecaying%7Cdestruction%7Cdistressed%7Cdistressed-wood%7Cemboss%7Cfire%7Cfire-animation%7Cfragile%7Cgrass%7Cice%7Cmitosis%7Cneon%7Coutline%7Cputting-green%7C%20%20%20%20%20%20%20%20%20%20%20%20scuffed-steel%7Cshadow-multiple%7Csplintered%7Cstatic%7Cstonewash%7Cvintage%7CwallpaperInsecure URL: http://fonts.gstatic.com/s/luckiestguy/v6/5718gH8nDy3hFVihOpkY5InF5uFdDttMLvmWuJdhhgs.ttf
Found in: http://fonts.googleapis.com/css?family=Black+Ops+One%7CLuckiest+Guy%7CSonsie+One%7CShojumaru&effect=3d%7C3d-float%7Canaglyph%7Cbrick-sign%7Ccanvas-print%7C%20%20crackle%7Cdecaying%7Cdestruction%7Cdistressed%7Cdistressed-wood%7Cemboss%7Cfire%7Cfire-animation%7Cfragile%7Cgrass%7Cice%7Cmitosis%7Cneon%7Coutline%7Cputting-green%7C%20%20%20%20%20%20%20%20%20%20%20%20scuffed-steel%7Cshadow-multiple%7Csplintered%7Cstatic%7Cstonewash%7Cvintage%7CwallpaperInsecure URL: http://fonts.gstatic.com/s/shojumaru/v4/pYVcIM206l3F7GUKEvtB3aCWcynf_cDxXwCLxiixG1c.ttf
Found in: http://fonts.googleapis.com/css?family=Black+Ops+One%7CLuckiest+Guy%7CSonsie+One%7CShojumaru&effect=3d%7C3d-float%7Canaglyph%7Cbrick-sign%7Ccanvas-print%7C%20%20crackle%7Cdecaying%7Cdestruction%7Cdistressed%7Cdistressed-wood%7Cemboss%7Cfire%7Cfire-animation%7Cfragile%7Cgrass%7Cice%7Cmitosis%7Cneon%7Coutline%7Cputting-green%7C%20%20%20%20%20%20%20%20%20%20%20%20scuffed-steel%7Cshadow-multiple%7Csplintered%7Cstatic%7Cstonewash%7Cvintage%7CwallpaperInsecure URL: http://fonts.gstatic.com/s/sonsieone/v5/EL7Rcl854lo1-oEwLR8r0i3USBnSvpkopQaUR-2r7iU.ttf
Found in: http://fonts.googleapis.com/css?family=Black+Ops+One%7CLuckiest+Guy%7CSonsie+One%7CShojumaru&effect=3d%7C3d-float%7Canaglyph%7Cbrick-sign%7Ccanvas-print%7C%20%20crackle%7Cdecaying%7Cdestruction%7Cdistressed%7Cdistressed-wood%7Cemboss%7Cfire%7Cfire-animation%7Cfragile%7Cgrass%7Cice%7Cmitosis%7Cneon%7Coutline%7Cputting-green%7C%20%20%20%20%20%20%20%20%20%20%20%20scuffed-steel%7Cshadow-multiple%7Csplintered%7Cstatic%7Cstonewash%7Cvintage%7Cwallpaper—–and my .htaccess is showing this:
# Use PHP5.4 Single php.ini as default
AddHandler application/x-httpd-php54s .php# BEGIN rlrssslReallySimpleSSL rsssl_version[2.5.7]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule># END WordPress
—-Finally when I run my SSL test through your plugin I get this result:
Your server can detect HTTPS normally. The recommended setting for HTTPS detection is standard WordPress function.
Your server environment shows this:
Array
(
[HTTPS] => on
[MAGICK_THREAD_LIMIT] => 1
[SSL_TLS_SNI] => wearrose.com
[PHPRC] => /home6/wearrose/public_html/:/usr/php/54/etc/
)—-HELP PLEASE!
The mixed content fixer fixes all items in your websource, so these are probably in a css or js file. Do “view source” on your website, then search in your .css and .js files for these urls, or you can do a scan and fix with the pro plugin.
sophiaThank you for the response. So if i buy the Real Simple SSL Pro this should fix the site? Im purchasing it now.
sophiaOk so I just purchased the Pro single site for $25 and after doing a full scan I’m still getting these to errors:
Mixed Content: The page at ‘https://wearrose.com/’ was loaded over HTTPS, but requested an insecure image ‘http://www.wearrose.com/wp-content/plugins/pl-section-journey/images/cta-bg.jpg’. This content should also be served over HTTPS.
Mixed Content: The page at ‘https://wearrose.com/’ was loaded over HTTPS, but requested an insecure image ‘http://www.wearrose.com/wp-content/plugins/pl-section-journey/images/video-bg.jpg’. This content should also be served over HTTPS.
—And most importantly my site is still loading distorted. wearrose.com is my site and the last time I saved it and the way its supposed to load is with the pink WTF IS WEAR ROSE banner on top, the palmtrees, triangle, shop art thats showing above the pink banner is supposed to be on the bottom and there should be no indentation to the left which is what is being shown. The text READ ROSE which is shown next to the palmtrees has code that changes the font and animates it.
So the pro detection setup settings are set to:
success SSL is enabled on your site.
success Mixed content fixer was successfully detected on the front-end
success An SSL certificate was detected on your site.
success 301 redirect to https set: .htaccess redirect
warning HTTP Strict Transport Security was not set in your .htaccess. Enable HSTS
– The mixed content fixer is not active on the admin panel. Enable this feature only when you have mixed content on the admin panel.
success The native WordPress function is_ssl() returned true
success Great! Your scan last completed without errors.—–in settings: Auto replace mixed content is the only one checked
—–the mixed content scan says:
successNo blocked urls found
successNo .js or .css files with http:// urls found.
successNo .js or .css files on other domains with http:// urls found.
successNo posts in your database found with links to blocked remote urls found.any idea whats going on?
sophiaIf i check my site on http://www.whynopadlock.com it says:
Secure calls made to other websites:
fonts.googleapis.com is valid and secure.drive.google.com returned an error (Possibly 404 not found or other webserver error. Details:
doc-10-9o-docs.googleusercontent.com returned an error (Possibly 404 not found or other webserver error. Details:
68.media.tumblr.com is valid and secure.
fonts.gstatic.com is valid and secure.
sophiaAnd my .htaccess says this:
# Use PHP5.4 Single php.ini as default
AddHandler application/x-httpd-php54s .php# BEGIN rlrssslReallySimpleSSL rsssl_version[2.5.7]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPressCould you send me your domain so I can take a look?
