Plugin Contributor
royho
(@royho)
Well, that is not your only problem. You can’t even add to cart on your site due to an error. I presume these are related errors. It looks like it has something to do with SSL/HTTPS. Try disabling that and re-test. SSL/HTTPS is tricky to setup if you don’t know what you’re doing.
Yes, you are correct. I discovered that I cannot add to the cart after posting my first comment. Oddly enough, I can click on my product picture and then add to the cart when showing a single product. I disabled the SSL/HTTPS but the problem still exists. I do appreciate your having a look.
rich
Some success. I am now able to add to the cart but the checkout is still frozen. Anybody know what the following error message means?
Failed to load resource: the server responded with a status of 404 (Not Found) https://www.doorbrim.com/wp-content/themes/storefront-echo-1.4.0/custom.css
XMLHttpRequest cannot load https://doorbrim.com/wp-admin/admin-ajax.php. Origin https://www.doorbrim.com is not allowed by Access-Control-Allow-Origin.
Plugin Contributor
royho
(@royho)
Again, this is related to your SSL. It seems it is not setup properly for your site.
Problem solved! The spinning circle on checkout page was the result of urls on the Settings/General page that did not match.
Plugin Contributor
royho
(@royho)
Yes, because https and http is considered two different URLs thus your error is saying “not allowed by Acces-Control-Allow-Origin”.
Thank you for your efforts. Both urls in Settings/General had https in them but only one had www. I removed the www from the site address to match the wordpress address and it worked. I did take your advice previously and removed the SSL plug-in but why do I still see the lock in my browser on most pages? Is the SSL still active?
Plugin Contributor
royho
(@royho)
If your URL is https then it is secured. But that has nothing to do with your plugin. Plugin is not what makes your site secured. It is the SSL certificate that is installed. The plugin is only there to help redirect transitioning between a secured page and a non secured page. For example if you visit the checkout page, the URL should have https…but if you click back on to some other pages, it should properly go back to non secured URL of http….If it stays on https, that means something is not right. You don’t want your whole site to be in https because it slows things down and it is not standard practice.
Thanks for the clarification. My site is working well now and does not appear to be slow but I will take your advice and remove the https from some of the pages.
Plugin Contributor
royho
(@royho)
Well that is not how you measure if a site is slow or not. Each page load contains many http requests. So now imagine each http request has now added 2-5 seconds per requests. After multiplying that, multiple it again by the number of users on your site. You won’t notice much difference with just 1 user or even 10 users…but when you have significant amount of traffic, then there will be a difference…
Now I am a little worried. As you indicated previously, if https occurrs on all my pages, there is a problem. This is the case. Would it be standard practice to have only the checkout page as https? Also how can I remove the https from all the other pages?
Plugin Contributor
royho
(@royho)
Yes, in a correctly developed site, you shouldn’t need to secure all pages. Again, you can use proper plugins to redirect your pages. I suggest you read the documentation on that plugin you’re already using. It should allow you to do what I am referring to.
In addition, don’t forget to check your secured pages for any insecured items. That is a common mistake with people trying to secure their pages as well. If you don’t fix this issue, browsers will give a warning, especially IE browsers. That warning will guarantee to drive your customers away as it will state something on your site is NOT secured…etc…
OK, I have secured my checkout pages and unsecured the rest. Is it good practice to secure the Home page or should that be unsecured also?
Plugin Contributor
royho
(@royho)
The rule is if there are not any sensitive information that needs to be inputted by anyone, then don’t secure it.
Thanks for all your help royho. I sincerely appreciate your knowledge.
