You are not alone. Checkout this plugin: WordPress HTTPS.
uhm how do i say this … hedronist did you notice the tag in the post title π
Mr.Harmlos, what he’s saying is that the plugin should fix what you’re pointing out. If not, your settings aren’t correct, or there’s a bug.
What is your website?
What settings do you have enabled?
Thanks,
Mike
Hi
Thx for your care π
Website is local atm …
Basic WordPress 3.04
Plugins:
nginx Compatibility (PHP5)
WordPress HTTPS
Template is a modded witheboard http://whiteboardframework.com/
As i understand the Template css location is called by internal code in WordPress … and jquery too …
If i click on a post it is a http link too …
If i change WordPress address (URL) Site address (URL) to https (the brute version) the website is secure …
I dont understand code good enought to solve this …
any idea ?
You don’t need code to resolve this, like I said, my plugin should be fixing them. That’s the primary purpose of the plugin, and if it’s not working, there’s a problem. The plugin uses output buffering to modify the rendered source code AFTER WordPress generates the HTML that the end-user would see. WordPress HTTPS scans through the code and makes the proper modifications to make sure elements and links are HTTPS if they need to be.
What settings do you have enabled?
Thanks,
Mike
Internal HTTPS Elements – on
External HTTPS Elements – on
The rest off …
Bypass External Check doesnt changes things …
i used firebug in mozilla to track the non https parts …
and that would be … as in the first post mentioned :
<?php wp_enqueue_script(“jquery”); ?>
=
http://domain/wp/wp-includes/js/jquery/jquery.js?ver=1.4.2
and
<link rel=”stylesheet” type=”text/css” media=”all” href=”<?php bloginfo( ‘stylesheet_url’ ); ?>
=
http://domain/wp/wp-content/themes/whiteboard/whiteboard/style.css
nging config for SSL
server {
listen 443 ssl rcvbuf=64k backlog=128;
server_name x;
charset utf-8;
ssl on;
ssl_certificate x:/x/x/ssl.crt;
ssl_certificate_key x:/x/x/ssl.pem;
ssl_session_timeout 2m;
ssl_protocols SSLv3;# TLSv1;
ssl_ciphers HIGH:!ADH:!MD5;
ssl_prefer_server_ciphers on;
location ~ \.php$ {
root html;
fastcgi_param HTTPS true;
try_files $uri /er/404.html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME x:/x/nginx/html$fastcgi_script_name;
}
location / {
root html;
index index.html index.php index.htm;
}
no rewrite rules …
WordPress runs on mysql
php is newest stable ….
Everything pretty much standard …
ill try the standard template …
same problem the css file is not https ..
in my template there are 2 backgroundpictures and their not https too
http://wordpress.pastebin.com/5jAsjaGt – The header.php …
its a private Blog so it doesnt matter that much but … i mean it should work …. and i like things that work ^^
greets
Like others I found partial success with the HTTPS wordpress plugin, but my style sheets and other header links were wrong. I have http://mydomain and https://passthroughssl.differentdomain , so my linked style sheets ended up with HTTPS of the first url, as it’s the site url.
Try the three lines of php in your wp-config.php file here:
Hey jackaperkins,
If you’re having problems with the plugin, please start a support topic.
Thanks,
Mike
The problem is still peresistent …. and not resolved but ignored …
While digging around in the problem
i added the priority 1 to all of your filters … didnt help ..^^
i found
// If URL matches home_url, but lacks www, add www
// if ( strpos(get_option('home'), '://www.') !== false && strpos($url, '://www.') === false && parse_url($url, PHP_URL_HOST) != NULL ) {
// $url_host = parse_url($url, PHP_URL_HOST);
// $url_host_www = 'www.' . $url_host;
// if ( strpos(get_option('home'), $url_host_www) !== false ) {
// $string = str_replace($url_host, $url_host_www, $string);
// }
// }
since i use no-ip.org and the free version doesnt allow www dns i deactivated the option … checkbox optionable for others maybe ?
looked into the devtools errors again ….
[blocked] The page at https://domain/ ran insecure content from http://domain/wp-content/themes/whiteboard/whiteboard/style.css.
[blocked] The page at https://domain/ ran insecure content from http://domain/wp-includes/js/l10n.js?ver=20101110.
[blocked] The page at https://domain/ ran insecure content from http://domain/wp-includes/js/jquery/jquery.js?ver=1.6.1.
[blocked] The page at https://domain/ ran insecure content from http://domainhttps/?ver=3.2.1.
[blocked] The page at https://domain/ ran insecure content from http://platform.twitter.com/anywhere.js?id=xxxxxxxxxx&v=1.
[blocked] The page at https://domain/ ran insecure content from http://domain/index.php?ak_action=aktt_css&v=2.4.
[blocked] The page at https://domain/ ran insecure content from http://domain/index.php?ak_action=aktt_js&v=2.4.
[blocked] The page at https://domain/ ran insecure content from http://domain/wp-content/plugins/wp-syntax/wp-syntax.css.
This seems not normal [ http://domainhttps/?ver=3.2.1. ]
So as it seems to me like
function bloginfo didnt do anything …
and may be the non existing www messes up the regexp filter …
…
Mr.Harmlos,
I took a hiatus from the plugin, but have been back for a couple of months now. I marked it resolved since it was so old.
Commenting out that section really won’t have any affect no matter what your domain is. If your home_url has www in it and the URL given to that method matches the domain, but lacks www, it adds it so that it is properly rewritten by this line: $string = str_replace($this->http_url, $this->https_url, $string);
The plugin does not rely on filters to fix the source, it uses output buffering. The filters are there to help, but are not what fixes most of the insecure content issues.
It’s more likely that, for some reason, the output buffering is not working correctly, or you have WordPress set up in an unusual way. Either way, I’m not going to be able to help without seeing the website since everything you’re showing me should be fixed by the plugin already.
Thanks,
Mike