deanot Posted February 15, 2014 Share Posted February 15, 2014 Does anyone know of a way to force htaccess on all images to go SSL? I have a dedicated SSL on my server and I force all pages to use SSL. Trouble is, some images in some modules are not using SSL and I have no way to force them. I have attempted to hack the script, but that just normally breaks it.. lol For instance, the image slider I is throwing up insecure issues on my SSL! Anyone have a way around this or is this just something Prestashop can't handle? All I know is this is causing security conscious customers to go elsewhere. Link to comment Share on other sites More sharing options...
prestashopninja Posted February 15, 2014 Share Posted February 15, 2014 Hello, You already have RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.example.com/$1 [R,L] in your htaccess file, right? Could you also check the paths to those images? Any chances they might be outside the main prestashop folder? Link to comment Share on other sites More sharing options...
deanot Posted February 17, 2014 Author Share Posted February 17, 2014 (edited) Thanks for the reply.. I did have that to no affect, all images are within the prestashops main folder. Images on the image slider and a couple of other modules are the problem. I have disabled modules in an attempt to stop it from happening, but the slider is one I like and want to keep. Here is the report from www.whynopadlock.com Total number of items: 137 Number of insecure items: 5 Insecure URL: http://removed.com/modules/homeslider/images/387738b76e95d01004163cde74f035f7.jpg Found in: https://removed.com/ Insecure URL: http://removed.com/modules/homeslider/images/173ffc0fbbbe1fa5bc9137c7dc620bf0.jpg Found in: https://removed.com/ Insecure URL: http://removed.com/modules/homeslider/images/aee2d424c5572a54b419fbfe744e8b6f.jpg Found in: https://removed.com/ Insecure URL: http://removed.com/modules/homeslider/images/04986660e763d310a7bc61e14c484886.jpg Found in: https://removed.com/ Insecure URL: http://removed.com/modules/homeslider/images/223008d7eb04139ba8bc61e996c98f89.jpg Found in: https://removed.com/ Well within the prestashop folder, the shop is on the root of my drive. Edited February 17, 2014 by deanot (see edit history) Link to comment Share on other sites More sharing options...
vekia Posted February 18, 2014 Share Posted February 18, 2014 open module file homeslider.tpl instead of original: <img src="{$link->getMediaLink("`$module_dir`images/`$slide.image|escape:'htmlall':'UTF-8'`")}" alt="{$slide.legend|escape:'htmlall':'UTF-8'}" height="{$homeslider.height|intval}" width="{$homeslider.width|intval}" /> use: <img src="{$base_dir_ssl}modules/homeslider/images/{$slide.image|escape:'htmlall':'UTF-8'}" alt="{$slide.legend|escape:'htmlall':'UTF-8'}" height="{$homeslider.height|intval}" width="{$homeslider.width|intval}" /> 1 Link to comment Share on other sites More sharing options...
deanot Posted March 3, 2014 Author Share Posted March 3, 2014 Thank you, that worked great.. Sorry I have not replied, been busy with a few things. Question, why are these modules not SSL compatible? I am not a very good coder, but surely there could be both links and a reference in the modules to check SSL mode? Link to comment Share on other sites More sharing options...
GaryLB Posted June 18, 2014 Share Posted June 18, 2014 Was about to implement Vekia's very astute fix and realized, I don't really care if the home page has non-secure content. It's the subsequent pages that matter. Thanks to the this forum for showing fixes to similar problems with other modules. Link to comment Share on other sites More sharing options...
Recommended Posts