-
Categories
-
- 03 visitor(s) online
- powered by WassUp
Last searched terms
Online Visitors
-
Recently Written
- Memory-foam Matresses – Not the Way Forward…
- Busyness Over the Last Few Weeks
- Get a FREE Review of Your Magento Website – By Us!
- PHP Objects, Patterns, & Practice 2nd Edition
- Pro Drupal Development 2nd Edition
- Php|architect’s Guide to Programming with Zend Framework
- Magento 1.3 Theme Design
- Php|architect’s Guide to Programming with Zend Framework
- Flowerbed Wildlife Magento Lined Journal
- The Definitive Guide to Magento
-
Admin
-
Stay Informed...
Insecure or Non-secure Pages on the Magento Checkout
 Add to Favourites
|   (+3 rating, 7 votes) Loading ... |
If you’re using an SSL Certificate at the checkout on Magento, which quite frankly I hope you are, you will need to ensure that you do not get all those horrible “this page contains insecure or non secure items”. Now, if you’re a Firefox user like me, you won’t see this error message, and the error is less obvious. It is for this reason that I suggest that you use Internet Explorer to test your checkout. Since most of the world still use IE, it is definitely the way forward to test your checkout.
Having this error is a bad bad thing and it is incredibly vital that it is sorted as soon as possible. It will only increase your drop-off rate at the checkout, and people will be incredibly unsure about whether or not your site is safe enough to buy from.
The error occurs for one of the reasons:
1. Your images are not being referenced securely… (this includes backgrounds)
2. Your Javascript source is not being referenced securely.
3. If you are using Flash, the links within the object class must be secure.
So, the best thing to do, is either change the links of your images, backgrounds, and all the rest – from http:// to https:// alternatively, if you find that the templates are being used not only on your checkout but also on other areas of the website – then simply put // rather than http:// or https://.
This way, depending on the type of page you are on, it will automatically adjust and either pick up the secure or non-secure location of the target object. This will instantly alleviate any potential problems in the checkout, and, encourage the users to carry on and buy with complete peace of mind!
about the author
This article was written by Sophie Keenan on December 3, 2008.
Sophie is the computer genius!! Sophie is a regular columnist on Blasted Thing! Contact Us |
related articles
One Page Checkout (Guest Customer) - Video Guide Change Credit/Debit Card name in Magento One Page Checkout (Logged In Customer) - Video Guide Show Product Description on Magento Shopping Cart page Remove validation from phone number field on Magento checkoutcomments
5 Responses to “Insecure or Non-secure Pages on the Magento Checkout”
Leave a Reply
 Remove Validation from Phone Number Field on Magento Checkout |
-
Sponsored Ads
- Terry: GoMage Feed Pro: http://www.gomage.com/extensions/gomage-feed-pro.html A product feed is a data f...
-
Recent Tweets
同じ商品属性を持つ商品を関連商品として表示するエクステンション。使用する属性は自由なので同じ色、同じメーカーなど幅広く使えそう。http://t.co/gqKmwG4g 【木村】
@astroboysoup Yep Magento :D hooking into Drupal and also stand-alone :D also any/all PHP template systems etc
RT @magento: The Magento REST API: A Better Way to Integrate Business Applications http://t.co/24l3iBpz
Agora bora trabalhar... Instalação de testes do #Magento... E leitura da documentação de suporte... HOJE TO EMPOLGADO!!!
Needed #Magento #Developers at #Ahmedabad location. http://t.co/O5PqNszs #Magento #PHP #Mysql #Jobs #Ahmedabad
|
|
Hi Sophie,
Thank you for your articles. I have a situation involving secure one-page checkout and I’m hoping that you can provide some helpful advice.
I run multiple stores off of a single Magento install. These stores all have separate domain names. I’m using a shared hosting plan (a pretty good one) that accommodates my setup but limits me to only being able to install one SSL. Because of this I have each domains SSL path in Magento’s configuration pointing to the one domain that has SSL. This results in having a central shopping cart for every domain. That’s great except that the user sees the site change when going to checkout. It no longer is the same template.
I see that the sites from Bright Light Media all work properly with SSL and was wondering if my problem is my configuration settings or if maybe I need a different host or what? I appreciate any help that you can offer.
Thanks again,
Chris
Hi, looks like Sophie hasn’t had chance to read your comment yet Chris, but maybe I can help.
It would be interesting to see what kind of set up you have. Bright Light Media have separate domains for their Magento websites, running off the single installation.
Each domain, in the Control panel, have got SSL certificates, and also they are set in Control Panel to have “Use a single directory for housing SSL and non-SSL content” enabled.
I suspect in Magento’s Adfmin is where the problems are lying: So in System > Configuration > choose Web Site from Drop Down > Web Tab you should see the Unsecure boxes as follows:
Base URL – http://www.your-individual-website.com
Base Link URL – {{unsecure_base_url}}
Base Skin URL – http://www.where-magento-is-installed.com/skin/
Base Media URL - http://www.where-magento-is-installed.com/media/
Base JavaScript URL – http://www.where-magento-is-installed.com/js/
Secure fields should be filled the same as above with with the https://
In the same breath, it is worth mentioning that for each website, on the Design tab, you should put the name of the theme folder that you want each website to reference.
PS: It is also worth noting that you need to have the domain which houses the Magento installation accessible from other domains on your server. You will need your “open_basedir” set to None.
If you need any further help, drop me an email via the Contact Form at the bottom of the page.
Hi Sophie Keenan,
Thanks a lot for your post. I had a similar issue in my one page checkout and finally I found that there was webtracking script pointing only to http which was showing my page as partially secured. when I removed the tracking code, the page started loading fully secured.
Thanks again for your post,
Sriram
I am at the point of development on our new site where I installed the SSL on the server and needed to change the config of Magento 1.4 to use https in the checkout. I was getting the ’secure and not-secure content’ warning from Internet Explorer and started looking around for the solution. I knew it was from scripts, css or css images..but being new to Magento was not sure what was handled by the config and what I needed to tweak in my custom them and custom .phtml files.
Then I found your post and changed the url reference for my css background images to simply ‘//’ (something I had never ever heard of in many years of development). Upload the css file and that fixed it all! Happy, happy I found your post.
Thanks!
Hi have the same problem we are losing customers for that issue I am new to Magento and like to get some information in detail on how to fix this
thanks