Some resources in my site are not secured


By Yair Uziel
Follow

There are two separate subjects that should be valid when you wish to provide a secure connection to a page/site - an SSL certificate by a known authority to confirm the site owner's identity is true, and having all the resources and connections to the end user secure (these are also separated when checking within the browser, on the left of the address bar).

Here we'll refer to the resources used in each page, as defined by the code of the site. You can check it by yourself by right clicking within a web page and selecting View Page Source. This will display the code of that page and there you can search for the relevant sources that should be amended.

This is a fairly simple process to amend, the main idea is to keep all the resources (services, images, etc.) coming through a secured connection:

+ In case of an internal asset, it should be coming from a relative address, so it'll use the site's certificate and connection.

+ If it's an external source it should come from a secured connection (https).

This will ultimately make all links that begin with http:// gone, and replaced with a secured option.

Here are examples of a common internal and external change:
Internal:      http://www.sample.com/files/images/banner.gif       >>     /files/images/banner.gif 
External:     http://platform.twitter.com/widgets.js           >>     https://platform.twitter.com/widgets.js

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk