Docs

[Leanna]

Hi, I suddenly realized my site which is SSL and behind Sucuri firewall, is nevertheless coming up as not secure! The host directed me to https://www.whynopadlock.com/check.php which showed the below list of items as security risk: My questions:
1) Some of these are X theme components – how can this be fixed?
2) Some are premium plugins (Media Grid, Overlay and Ubermenu are all premium) is there a way to secure these or do I have to try to get rid of them?
3) Many images are also showing as insecure. What can be done to correct this?
4) Is the page basically still secure for donors despite these issues and if so, is there a way to get the page to show SSL security without correcting all of these issues?

Items which are viewed as insecure:

FAVICON Insecure URL: http://www.tellasia.org/favicon.ico
IMAGE Insecure URL: http://www.tellasia.org/play-button-caption.png
IMAGE Insecure URL: http://www.tellasia.org/play-button-caption-mouseover.png
IMAGE Insecure URL: http://www.tellasia.org/wp-content/uploads/2015/11/blue-haven-children.jpg
IMAGE Insecure URL: http://www.tellasia.org/wp-content/uploads/2015/12/2020-network-conference-man-praying-crowd-big.jpg
IMAGE Insecure URL: http://www.tellasia.org/wp-content/uploads/2015/12/facebook-like-wide-300×136.jpg
IMAGE Insecure URL: http://www.tellasia.org/wp-content/uploads/2016/01/blue-haven-school-construction-nov2015.jpg
IMAGE Insecure URL: http://www.tellasia.org/wp-content/uploads/2016/02/crowdfunding-page-capture-web.jpg
IMAGE Insecure URL: http://www.tellasia.org/wp-content/uploads/2016/02/Embers-from-Ashes-DVD-400jpg.jpg
IMAGE Insecure URL: http://www.tellasia.org/wp-content/uploads/2016/02/rural-edu-ctr-veena-cheahn-cs.jpg
IMAGE Insecure URL: http://www.tellasia.org/wp-content/uploads/2016/02/TellASIA-logo-redbrown-2015-font300.png
IMAGE Insecure URL: http://www.tellasia.org/wp-content/uploads/2016/02/world-map-asia-focus-more-people-than-rest-1.jpg
IMAGE Insecure URL: http://www.tellasia.org/wp-content/uploads/2016/07/child-rural-edu-letters.jpg
IMAGE Insecure URL: http://www.tellasia.org/wp-content/uploads/2016/07/slum-girl-hope2c.jpg
IMAGE Insecure URL: http://www.tellasia.org/wp-content/uploads/2016/07/world-map-asia-focus-800mob-1.jpg
IMAGE Insecure URL: http://www.tellasia.org/wp-content/uploads/2016/08/bg-children-letters-home.jpg
IMAGE Insecure URL: http://www.tellasia.org/wp-content/uploads/2016/08/bhch-forhomepage.jpg
IMAGE Insecure URL: http://www.tellasia.org/wp-content/uploads/2016/08/blue-haven-school-student-desk-backpack-c.jpg
IMAGE Insecure URL: http://www.tellasia.org/wp-content/uploads/2016/08/david-alok-c.jpg
IMAGE Insecure URL: http://www.tellasia.org/wp-content/uploads/2016/08/ruraleductr-forhomepage.jpg
GOOGLE APIS FONT Insecure URL: http://fonts.googleapis.com/css?family=Montserrat%3A%2C300%2C400%2C700&ver=4.7
GOOGLE APIS FONT Insecure URL: http://fonts.googleapis.com/css?family=Montserrat%3A400%2C400italic%2C700%2C700italic%7CAlegreya%3A700&subset=latin%2Clatin-ext&ver=4.6.4
GOOGLE APIS MAP Insecure URL: http://maps.googleapis.com/maps/api/js
URL-ASIA AMAZING Insecure URL: http://www.tellasia.org/asia-amazing
URL-ASIA AMAZING Insecure URL: http://www.tellasia.org/asia-amazing/
CORNERSTONE FAVICON CLSS Insecure URL: http://www.tellasia.org/wp-content/plugins/cornerstone/assets/dist/css/site/fa-icon-classes.css?ver=1.3.3
CORNERSTONE MIN Insecure URL: http://www.tellasia.org/wp-content/plugins/cornerstone/assets/dist/js/site/cs-body.min.js?ver=1.3.3
CORNERSTONE MIN Insecure URL: http://www.tellasia.org/wp-content/plugins/cornerstone/assets/dist/js/site/cs-head.min.js?ver=1.3.3
FORM LIGHTBOX COLORBOX Insecure URL: http://www.tellasia.org/wp-content/plugins/form-lightbox/colorbox/jquery.colorbox-min.js?ver=1.4.33
FORM LIGHTBOX COLORBOX Insecure URL: http://www.tellasia.org/wp-content/plugins/form-lightbox/colorbox/style-1/colorbox.css?ver=4.7
LIGHTBOX PLUS Insecure URL: http://www.tellasia.org/wp-content/plugins/lightbox-plus/css/shadowed/colorbox.min.css?ver=2.7.2
LIGHTBOX PLUS Insecure URL: http://www.tellasia.org/wp-content/plugins/lightbox-plus/js/jquery.colorbox.1.5.9-min.js?ver=1.5.9
MEDIA GRID Insecure URL: http://www.tellasia.org/wp-content/plugins/media-grid/css/custom.css?ver=4.31
MEDIA GRID Insecure URL: http://www.tellasia.org/wp-content/plugins/media-grid/css/font-awesome/css/font-awesome.min.css?ver=4.3.0
MEDIA GRID Insecure URL: http://www.tellasia.org/wp-content/plugins/media-grid/js/frontend.js?ver=4.31
MEDIA GRID Insecure URL: http://www.tellasia.org/wp-content/plugins/media-grid/js/mediaelement/mediaelementplayer.min.css
MEDIA GRID OVERLAY Insecure URL: http://www.tellasia.org/wp-content/plugins/media-grid-overlay-manager/css/overlays.css?ver=1.301
MEDIA GRID OVERLAY Insecure URL: http://www.tellasia.org/wp-content/plugins/media-grid-overlay-manager/js/overlays.js?ver=1.301
UBERMENU FONTAWESOME MIN Insecure URL: http://www.tellasia.org/wp-content/plugins/ubermenu/assets/css/fontawesome/css/font-awesome.min.css?ver=4.3
UBER SKIN Insecure URL: http://www.tellasia.org/wp-content/plugins/ubermenu/assets/css/skins/blackwhite2.css?ver=4.7
UBERMENU MIN Insecure URL: http://www.tellasia.org/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.2.5
UBERMENU SKIN Insecure URL: http://www.tellasia.org/wp-content/plugins/ubermenu/pro/assets/css/skins/twotone_red_black.css?ver=4.7
UBERMENU MIN Insecure URL: http://www.tellasia.org/wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.2.5
STACK INEGRITY LIGHT Insecure URL: http://www.tellasia.org/wp-content/themes/x/framework/css/dist/site/stacks/integrity-light.css?ver=4.6.4
X FRAMEWORK JS X BODY MIN Insecure URL: http://www.tellasia.org/wp-content/themes/x/framework/js/dist/site/x-body.min.js?ver=4.6.4
X FRAMEWORK JS X BODY MIN Insecure URL: http://www.tellasia.org/wp-content/themes/x/framework/js/dist/site/x-head.min.js?ver=4.6.4
STYLE CSS X HEAD MIN Insecure URL: http://www.tellasia.org/wp-content/themes/x-child/style.css?ver=4.6.4
JS MIN Insecure URL: http://www.tellasia.org/wp-includes/js/comment-reply.min.js?ver=4.7
JQUERY Insecure URL: http://www.tellasia.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
JQUERY MIN Insecure URL: http://www.tellasia.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
WP EMBED MIN Insecure URL: http://www.tellasia.org/wp-includes/js/wp-embed.min.js?ver=4.7

[Leanna]

This reply has been marked as private.

[Leanna]

UPDATE: While “whynopadlock.com” now shows that I’m down from 51 insecure items to 18 which are just images that still need relinked, Console on the home page http://www.tellasia.org also shows the following: how to resolve this?

util.js:211Google Maps API warning: NoApiKeys https://developers.google.com/maps/documentation/javascript/error-messages#no-api-keysWA.j @ util.js:211(anonymous function) @ js:126(anonymous function) @ js:46(anonymous function) @ js:43(anonymous function) @ js:46(anonymous function) @ js:98(anonymous function) @ js:43(anonymous function) @ js:98(anonymous function) @ js:43(anonymous function) @ js:98(anonymous function) @ js:43(anonymous function) @ js:98hc @ js:45gc.cb @ js:98(anonymous function) @ common.js:1
util.js:211 Google Maps API warning: NoApiKeys https://developers.google.com/maps/documentation/javascript/error-messages#no-api-keysWA.j @ util.js:211(anonymous function) @ js:126(anonymous function) @ js:46(anonymous function) @ js:43(anonymous function) @ js:46(anonymous function) @ js:98(anonymous function) @ js:43(anonymous function) @ js:98(anonymous function) @ js:43(anonymous function) @ js:98(anonymous function) @ js:43(anonymous function) @ js:98hc @ js:45gc.cb @ js:98(anonymous function) @ common.js:1

[Friech]

Hi There,

Thanks for writing in! Please follow this post: https://community.theme.co/kb/hosting-how-to-activate-ssl/

There is a plugin suggested on the bottom of that post which you can use to force your resource to load on https:

Let us know how it goes.

Cheers!

[Leanna]

that is basic info about ssl. At this point I need specifically how to enable Google API keys in X Theme. Have been all over Google but haven’t found anything that makes sense.

[Rue Nel]

Hello There,

Thanks for writing in!

1] The Goggle API key issue is caused by a certain setting in Ubermenu. To resolve, please check out this thread: https://community.theme.co/forums/topic/disable-google-maps-api/#post-1043935

2] Regarding https issue, this is because SSL was not set up when you uploaded the images in your site by which the images were already inserted within the pages and posts. To resolve this, please install a 3rd party Search and Replace plugin from the WordPress repository. You can then search for this keyword:

http://www.tellasia.org/wp-content/uploads/

You will need to replace it with this keyword:

https://www.tellasia.org/wp-content/uploads/

To save you from time, I have done most of theme. Please check out your site now.

[Leanna]

THANK YOU! THAT IS AMAZING…. YOUR TECH SUPPORT is amazing! I truly appreciate your help, GREAT JOB!!!
Btw, the Google Maps API is not enabled in my Ubermenu installation so I’m still unclear why that is being called in my site as I do not have a Google map anywhere in the site…

[Rupok]

Hi there,

Glad that it helped. Let’s deactivate UberMenu and check again just to make sure it’s causing by UberMenu or not. If you find this as culprit, you’ll need to review the settings to disable Google Map.

Let us know what you find.

[Leanna]

Without deactivating Ubermenu, the only error that Console shows (since Rue Nel fixed the other errors) is:
jquery.js:4 Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user’s experience. For more help, check https://xhr.spec.whatwg.org/.send @ jquery.js:4
jquery-migrate.min.js:2 JQMIGRATE: Migrate is installed, version 1.4.1

so maybe whatever Rue Nel did fixed it. Please check and see if you see any Google error.

[Rue Nel]

Hello There,

I’ve already made sure that the https issue has been resolve. The only thing showing now is a warning message that may have come from jQuery.js file. I am not sure what is causing it though. Google error is already gone too!

If you need anything else we can help you with, don’t hesitate to open another thread.

Best Regards.

[Leanna]

Yes, all fixed. Again thanks SO much for your help.

[Rue Nel]

You’re most welcome! That’s what we are here for.
If you need anything else we can help you with, don’t hesitate to open another thread.

[Leanna]

hi Rue Nel, sorry to bug you but my green padlock is gone and Console is showing a bunch of this stuff again:

Mixed Content: The page at ‘https://www.tellasia.org/’ was loaded over HTTPS, but requested an insecure image ‘http://www.tellasia.org/wp-content/uploads/2016/08/ruraleductr-forhomepage.jpg’. This content should also be served over HTTPS.

What can i do to permanently fix the image issues?

[Christopher]

Hi there,

Please remove this image from host files and upload it again through WP dashboard.

Hope i helps.

[Leanna]

ok that worked, thanks

[Author]

Posts