Navigation
This is archived content. Visit our new forum.

Tagged: 

  • Author
    Posts
  • #1109130
    clefler
    Participant

    Hi, need a solution to secure one page of my site.
    I was able to do this very simply with a function in my child theme but am having the following issues…

    1. All links on the page are broken as is css due to the https – is there a way to fix this for one page?
    2. I cannot access the page to edit with cornerstone. I only secured the page, not the admin or wp login.

    Thanks in advance.

    #1109390
    Darshana
    Moderator

    Hi there,

    Thanks for writing in! To assist you with this issue, we’ll first need you to provide us with your URL. This is to ensure that we can provide you with a tailored answer to your situation. Once you have provided us with your URL, we will be happy to assist you with everything.

    #1110257
    clefler
    Participant
    This reply has been marked as private.
    #1110259
    clefler
    Participant
    This reply has been marked as private.
    #1110541
    Rad
    Moderator

    Hi there,

    Cornerstone will not work on redirected page, nor page with multiple URL protocols.

    Please change it to this,

    function force_ssl() {
        // Specify ID of page to be viewed on SSL connection
        if ( is_page(14028) && !is_ssl () && ( $_GET['cornerstone'] == '1' || $_GET['cornerstone_preview'] == '1' ) ) {
          header('HTTP/1.1 301 Moved Permanently');
          header("Location: https://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]);
        }
    
    }
    add_action('template_redirect', 'force_ssl');

    Hope this helps.

    #1110580
    clefler
    Participant

    Unfortunately that didn’t help either issue.
    Is there a way to call the header files that are needed for that page only?

    The page itself shows https with the green lock like it should.

    #1110582
    clefler
    Participant

    I have searched a lot about securing one page and I’m surprised there isn’t more info on the subject for businesses that don’t want to make the leap to total https but just need a checkout page secured.

    Is it better to create a subdomain with a whole separate install of wordpress and X and use multisite so that the whole subdomain is secure?

    #1110709
    Rad
    Moderator

    Hi there,

    You could try that, but there is always some downside with that setup. Like cookies and session aren’t shared and you’ll need special plugin or customization.

    But yes, you can have that setup.

    Thanks!

    #1110777
    clefler
    Participant

    Ok thank you.
    I would like to get the single page ssl working still.
    Any ideas why it breaks the page.
    I have tried the wp https (ssl) plugin with the same results. It is supposed to allow one page to have https. There is also a version of Really Simple ssl plugin for one page but don’t want to spend $20 if it is going to do the same thing.

    https://really-simple-ssl.com/knowledge-base/enabling-ssl-for-just-one-page/

    #1110789
    Rad
    Moderator

    Hi there,

    Not sure if you could fix it, but the reason it breaks is because the page has mixed protocols ( https and http ). The above code will only redirect the page to https, but the resources and files loaded within it, those ar still loaded as http. Let’s say you only loaded the skin through https, but not the whole content and structure.

    https://developers.google.com/web/fundamentals/security/prevent-mixed-content/what-is-mixed-content?hl=en

    Unfortunately, it requires full customization and there is no plugin available. You may hire a dedicated developer for that purpose.

    Thanks for understanding.

    #1111096
    clefler
    Participant

    Are you sure there isn’t a work around for 1 page? It’s hard to believe there isn’t a way to do this, even if it is made without cornerstone.

    #1111270
    Rad
    Moderator

    Hi there,

    There could be a workaround but too complex. And that something I can’t cover. Pages and all its resource should be loaded in https, but that code only loads the page in https. Other dependencies are still in http.

    Thanks!

    #1112202
    clefler
    Participant

    I found a big part of the problem and uncovered another. My cdn was enabled for the page I referenced.
    It now loads https properly.

    The new issue is that I need to embed donation service code on the page and so need to add a script to the header.

    I’ve seen a lot on this but could you provide the code (and child theme location) to put a script in the header ONLY for a specific page?

    Thanks again!

    #1112232
    Darshana
    Moderator

    Hi there,

    Please follow this examples on this thread (https://community.theme.co/forums/topic/adwords-call-tracking-confused-as-heck/).

    Hope that helps.

    #1112287
    clefler
    Participant
    This reply has been marked as private.
  • <script> jQuery(function($){ $("#no-reply-1109130 .bbp-template-notice, .bbp-no-topic .bbp-template-notice").removeClass('bbp-template-notice'); }); </script>