Page 1 of 1

SSL padlock issue

Posted: Wed Apr 18, 2018 9:06 pm
by robster

I am using still for a client's site (yep I know, the updated site is on the way) and I have it set. so that ALL pages are forced to load securely (https) not just the usual account areas and checkout pages. This was done in .htaccess. The problem I am having is that the padlock will not show on Google Chrome which alarms the customers.

I have used an online padlock problem checking website and their response is this:

A form with the action of " ... e/currency" exists in the source code of the tested page.
This form needs to be updated to use " ... e/currency" or another secure URL for your padlock to return.

Obviously is not the actual site but merely used for this example.

So my question is this. How do I fix that action to call index.php?route=module/currency using https rather than http?

For now I have removed the code '<?php echo $currency; ?>' from header.tpl which has fixed the padlock issue but removed the currency drop down on the website and this is needed for the overseas customers.

Anybody able to help please?

Thanks in advance.

Re: SSL padlock issue

Posted: Thu Apr 19, 2018 9:18 am
by acx
In config.php, set both options to https, since you want all pages under SSL:

Code: Select all

define('HTTP_SERVER', 'https://yoursite.example/');

define('HTTPS_SERVER', 'https://yoursite.example/');
He probably still has the HTTP_SERVER option with a http:// prefix.

Re: SSL padlock issue

Posted: Thu Apr 19, 2018 3:51 pm
by robster

Thanks for that - yep, schoolboy error on my part.