Hi Guys, i use wordpress an ubuntu 18.04 and ISPconfig 3.1 my website casting-canarias.com shows not secure. so i change the .htaccess as follows: Code: <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] </IfModule> moreover i change the wp-config file: Code: define('FORCE_SSL_ADMIN', true); When i change the .htaccess and i run the website the .htaccess not save the code i inserted, that means my code is gone. When i dont run the website, the code in .htaccess is changed, but when i click actualize the website then the code in .htaccess is gone. I changed it as root, so how can it be that the changes are not saved in .htaccess? thanks for an idea
Where does it show that? Where can a thing like that be clicked? After you change the file and save it. did you look at the contents of the file to see it is what you expect? If you use ISPConfig, go to website settings in Panel and Redirect tab, there turn on "Rewrite HTTP to HTTPS". I think I now understand your original problem, you mean browser address bar does not get the green padlock. That is because the page has http:// content, that is there are plain http:// links in page text. If you in browser click on the lock icon on address bar the popoup window tells you this on https://casting-canarias.com page. Use show source on the web page and search for the http:// string.
If you click on the little (i), it shows you why it is not secure: Some of the pictures are implemented with a http link instead of https. The site itself works via https, but insecure content is included. If you use Chrome: Go to "View" -> "Developer" -> "JavaScript Console". It will show you: Code: (index):1 Mixed Content: The page at 'https://casting-canarias.com/' was loaded over HTTPS, but requested an insecure image 'http://kayapati.com/demos/julia/wp-content/uploads/sites/95/2018/03/parallax-img-2.jpg'. This content should also be served over HTTPS. (index):1 Mixed Content: The page at 'https://casting-canarias.com/' was loaded over HTTPS, but requested an insecure image 'http://kayapati.com/demos/julia/wp-content/uploads/sites/95/2018/03/quotes.png'. This content should also be served over HTTPS. (index):1 Mixed Content: The page at 'https://casting-canarias.com/' was loaded over HTTPS, but requested an insecure image 'http://kayapati.com/demos/julia/wp-content/uploads/sites/95/2018/03/quotes.png'. This content should also be served over HTTPS. (index):1 Mixed Content: The page at 'https://casting-canarias.com/' was loaded over HTTPS, but requested an insecure image 'http://kayapati.com/demos/julia/wp-content/uploads/sites/95/2018/03/quotes.png'. This content should also be served over HTTPS. (index):1 Mixed Content: The page at 'https://casting-canarias.com/' was loaded over HTTPS, but requested an insecure image 'http://kayapati.com/demos/julia/wp-content/uploads/sites/95/2018/03/parallax-img-11.jpg'. This content should also be served over HTTPS. So there are pictures included with an absolute path with http instead of https. Fix this and your site will be good.
Hi, thanks for your kind reply when in google chrome i put in the address field : casting-canarias.com then in the address field it shows not secure in green like you can see it. In ispconfig i use rewrite http to https already If i see the source code i dont see anything with http In google chrome i dont find view developer... What i wonder is that if i change the .htaccess after reload the website the changes in .htaccess are gone and i dont know why this happens. Is it possible to use a wordpress plugin to solve the problem? thanks for your kind help
Well, you probably do not have an english version of chrome. Here you can see how this is named in your language: https://developers.google.com/web/tools/chrome-devtools/console/javascript (on the top right, choose your language) You can also make a right-click in your page and choose "Inspect"(whatever that is in Spanish) or press CTRL+SHIFT+I. Then go to the second tab "Console". It lists all problems with the site, also 5 "mixed content warnings". Yes, has nothing to do with your problem. You are loading images from a different site: "http://kayapati.com/demos/julia/wp-content/uploads/sites/95/2018/03/quotes.png" This site does not enforce https. So these pictures are loaded with http and lead to the error. These are some pictures, probably loaded by a plugin. That's why you do not see it directly in the source code ISPconfig is not messing with your htaccess file, however, Wordpress is. Anyway, there is no need to change .htaccess file. If you do, do not change lines within wordpress config, will be overwritten. If it does not help, search for "Wordpress mixed content". Google is full of solutions for this problem.
also, you won't see http in the source code, if what you're doing is searching in the wordpress files. the embedded http links are in the page/post content in the database, not in the files. if your looking at the page source, with all the stuff wordpress puts in there, and parts of it being unexpanded, it's very easy to overlook a couple of links with a missing s after the http. i'd also recommend not linking to images from other sites, include references/citations to the other site, a link to the relevant page, or preferably their homepage. but if they delete a page, redesign their site etc, you could have half your own page missing content, or worse.
HI, the problem was that i used old photos which were placed with the demo install. I replaced them with new photos and all the problems are gone. thanks for your help guys