Security Information Message on IE

[Rod_]

Hi there guys.
Does somebody know why is IE showing up this message on the order steps?. Everytime you make click on next on the order process IE opens up a box with the message: "This page contains both secure and non secure items. Do you want to continue or not". This obviously may be a reason to STOP BUYING isn't it?.
Does somebody know how to resolve this problem?.
The SSL certificate is provided by GeoTrust.

Thanks in advance.

[cor3ys]

Rod

does this only happen on the order steps ? does it do it when looking at orders in an account as well, could be because you have stuff on the page that is not secured like images being called from other sites ect...

[jhnstcks]

tried to access your clothing site to see what was wrong but your flash banner took so long to load, the rest other parts of the page didnt show up for nearly 2 minutes, I would say that is a reason not to buy and needs sorted before anythging else. If I had been a customer looking to buy from your site I would have clicked off within 30 seconds of the banner not loading.

As corey says you must have unsecured images being called into your site, so when the customer starts the order process and enters https pages it is throwing up that error.

[Rod_]

tried to access your clothing site to see what was wrong but your flash banner took so long to load, the rest other parts of the page didnt show up for nearly 2 minutes, I would say that is a reason not to buy and needs sorted before anythging else. If I had been a customer looking to buy from your site I would have clicked off within 30 seconds of the banner not loading.

As corey says you must have unsecured images being called into your site, so when the customer starts the order process and enters https pages it is throwing up that error.

That's right man, I have to improve the media. I think the website is taking to long to load =/

And yes I have external content. So the only way to avoid this message is to take off these elements???.

[jhnstcks]

Depends what the elements are really, if you are calling an image from somewhere else try changing the http to htpps, they might have a secure server, if not then the image just wont display. Or save the image to your own server and call that using your own url with https instead.

[Rod_]

Thanks guys. I'll try that

[msk69]

these are normally secured when ssl enabled. identity.php,history.php,contact-form.php,addresses.php,order-slip.php,my-account.php,order.php,authentication.php,discount.php

i've it with a livehelp box, which is now not showing up anymore on those pages.

[Jo]

This is what I did to make the checkout process secure all the way through -

Problems - IE displaying messages (insecure/secure content)

Checkout process needed to be all secure

Order confirmation page (insecure/secure content)

Cheque/Direct Deposit Order Summary pages (insecure/secure content)

Fix -

Add (init.php include) into files that have ssl turned on but are showing insecure/secure content
eg. contact-form.php, payment.php in (Offline credit card module and direct deposit module)

include(dirname(__FILE__).'/init.php');



Fix for Order confirmation page showing insecure and secure content -

If there is no order-confirmation.tpl in the payment module you are using eg. cheque
then you can remove the code in the following as the payment-return hook is being used.
This should make the order confirmation page secure -

Remove from order-confirmation.php
'HOOK_ORDER_CONFIRMATION' => Hook::orderConfirmation(intval($id_order)),

Remove from order-confirmation.tpl
{$HOOK_ORDER_CONFIRMATION}


'HOOK_ORDER_CONFIRMATION' => Hook::orderConfirmation(intval($id_order)),

[arowana]

Hi Jo,
it didn't work for me

does anybody know how i can supress the secure and unsecure pop up ?

my unsecure address: http://www.funsac.com/
my secure address: https://faddybags.fatcow.com/

on IE , it keeps having the pop up message and has already scare off some of my customers

[Jo]

I applied this fix that I got of the post as well as the above -

Place the following code in www\init.php immediately AFTER the line that begins $protocol = (isset($useSSL)
and BEFORE the line $smarty->assign(array(

if(isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on" && $protocol == 'http://' && strpos($_SERVER["REQUEST_URI"],'cart.php') == false) {
$newurl = "http://" . $_SERVER["SERVER_NAME"}] . $_SERVER["REQUEST_URI"];
header("Location: $newurl");
exit();
}
elseif($protocol == 'https://' && isset($_SERVER["HTTPS"]) == false) {
$newurl = "https://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
header("Location: $newurl");
exit(

You might need to hard code your url like this (I had to) -

if(isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on" && $protocol == 'http://' && strpos($_SERVER["REQUEST_URI"],'cart.php') == false) {
$newurl = "http://www.yoururl.com.au" . $_SERVER["REQUEST_URI"];
header("Location: $newurl");
exit();
}
elseif($protocol == 'https://' && isset($_SERVER["HTTPS"]) == false) {
$newurl = "https://www.yoururl.com.au" . $_SERVER["REQUEST_URI"];
header("Location: $newurl");
exit();
}

[JJBYPC]

I started seeing this Secure/Non-Secure popup after I installed PHPlive support,
I have uninstalled it and noticed that my checkout process is now Faster than before.

I think the PHP-ONLINE module slows your checkout process down.