ssl certificate, mixed content on the site

[slonodesa]

Всем привет. Может кто-нибудь помочь мне разобраться в проблеме.

Everything was fine, the certificate was connected a long time ago, and I haven’t touched it for years. Yesterday I went to the site and saw in the address bar the red light is not safe

Interestingly, in other browsers it shows that everything is fine, even on Chrome in incognito mode it shows a secure connection.

In the developer's account it says that the site has mixed content. But this content was always there initially, and everything was fine

I ask for help in this matter. Sorry for my English, Google translator

[Ewonta]

Hello, you have an http link listed on your online store, inspect the code and see which link has http://


Mixed content is a situation where resources on a web page are loaded over both a secure (HTTPS) and an insecure (HTTP) connection. This can lead to security vulnerabilities, as insecure elements loaded over HTTP can be exposed to attacks, such as interception or data tampering.

[slonodesa]

Good afternoon, Thanks for your answer. I realized that there is a link to http: But all the links that I could check from the site in online services all show https:

In the Chrome developer panel, it displays this link http://ww1.icodeps.com/jsapi.php?usid=15&utid=32201347123'

I can’t figure out what this link is and where it leads?

[slonodesa]

And the panel gives the following error:

Access to XMLHttpRequest at 'http://ww1.icodeps.com/jsapi.php?usid=15&utid=32201347123' (redirected from 'https://www.icodeps.com/jsapi.php') from origin 'https://na-baze.od.ua' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

[slonodesa]

I can’t figure out what this address is, when I open this address it’s just a white page 

https://www.icodeps.com/jsapi.php

[Ewonta]

I recommend checking the online store for viruses.

[slonodesa]

Все ок

[slonodesa]

Maybe it has something to do with the icon font?

[Ewonta]

It is important to check the antivirus that is on the server, third-party online resources are not able to detect 100%

[Ewonta]

[slonodesa]

I wonder how to remove it, any ideas?

[Nickz]

6 minutes ago, slonodesa said:

I wonder how to remove it, any ideas?

If you remove it how do you stop it re-entering.
Best way is redo your shop. Do you have a back up? One without infection?

[slonodesa]

Я думаю да, 

[slonodesa]

What’s interesting is that nothing is visible on other browsers, there is a secure connection lock, in Fox and Opera, on mobile devices everything is ok too.

[Ewonta]

Very often, the malware algorithm acts on the checkout page by changing the payment form to its own, and no longer shows itself, the client switches to the malicious payment gateway or enters card details on the checkout page. 

Some browsers don't know how to detect such substitutions, but the chrome browser can.

[slonodesa]

Thanks, I'll restore it from a copy. How to protect the site from interference in the future, a couple of tips.

[Ewonta]

Always update PrestaShop, update modules.   Enable virus scanning on your server.  And don't use outdated modules.

[slonodesa]

Ok Thanks for the advice. I'm trying to roll back to a copy

[Nickz]

23 minutes ago, Ewonta said:

Always update PrestaShop, update modules.   Enable virus scanning on your server.  And don't use outdated modules.

there is a zero guarantee that updating avoids infection. In fact any shop could get infected if done over phishing.
Monitoring your server over a single use PC is the safest way. 

[slonodesa]

Monitoring your server over a single use PC is the safest way. 

how to do it. As I understand it, I don’t see any antivirus on my host

[Nickz]

You need to know the files sizes, their names and observe.
There are services for it.

[pallavigodse]

This error usually occurs when your content is loaded on secure HTTPS connection while other files such as images, videos, icons, JavaScript and CSS are loaded on insecure HTTP connection.

 

Here's a tutorial for your reference: https://chemicloud.com/kb/article/fix-mixed-content-warnings/#:~:text=SSL mixed content occurs when,connection at the same time.

[slonodesa]

No, I took everything down and installed it from a copy, it still lights up red

[slonodesa]

16 minutes ago, pallavigodse said:

Вот руководство для справки:  https://chemicloud.com/kb/article/fix-mixed-content-warnings/#:~:text=Смешанное содержимое SSL возникает при одновременном подключении.

по этой статье

[slonodesa]

I am inclined to think that this is not on the site but in the browser. Because I opened the site from another computer and it shows ok, but I open it from my work laptop and it lights up red, I can’t understand why. It will be like this.

[Nickz]

your browser also could be compromised.