The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Mixed http / https content

Discussion in 'General Discussion' started by arjanvr, Feb 19, 2017.

  1. arjanvr

    arjanvr Well-Known Member

    Joined:
    Dec 13, 2013
    Messages:
    101
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Hello,

    We enabled auto ssl in cpanel on a website but now iframes does not show some pages anymore. I think i found this has to do with the fact that the browser is blocking content due to the fact that the content inside the iframe is http while the website is being loaded trough https. Is there any way in cpanel or whm to have it still load the content or some other way to fix this?

    Loads of sites use iframe so why would they not have this problem..

    Thanks!
     
  2. NOC_Serverpoint

    NOC_Serverpoint Well-Known Member

    Joined:
    Jul 3, 2016
    Messages:
    102
    Likes Received:
    6
    Trophy Points:
    18
    cPanel Access Level:
    Website Owner
    Hi,

    It is caused by objects that load via an insecure HTTP protocol on HTTPS page. Most modern browsers are blocking HTTP requests for security reasons. To fix it, the links should be loaded both via HTTP and HTTPS relatively. It is similar to the insecure content issue and can be fixed by installing the plugins or modules on the CMS or modifying the links manually.

    You should check if all the links in your site code are using a secure connection https:// Also it is worth checking external items related to scripts or objects, for example, Flash or Google Adsense/Analytics. The secure location from where content is downloaded does not have to be your secure location, but it has to be a location with a SSL certificate installed.
    Insecure content can be checked at: Why No Padlock - Why is my SSL web page insecure? Find the culprit! or via Google Chrome, you will need either to press: ‘Ctrl+Shift+J’ and then click on ‘Console’ (for Win/Linux)


    or in Chrome Menu choose Tools > JavaScript Console.

    Update all the HTTP links to the HTTPS ones in the website’s script. For example, moving the image file to a secure part of the site, e.g., https://secure.yyy.com/image.gif;
    Making the links relative to the root directory by adding a backslash before the file name as in the following example: <img src="/image.gif"> This would translate to both <img src="https://www.yyy.com/image.gif"> and <img src="http://www.yyy.com/image.gif">
     
    cPanelMichael likes this.
  3. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,405
    Likes Received:
    53
    Trophy Points:
    28
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,

    Its basically because of encryption you are facing the issue. A website may have referrers link that may be on non-secure manner, so you go to replace all the non-secure contents and links with the secure one..
     
  4. arjanvr

    arjanvr Well-Known Member

    Joined:
    Dec 13, 2013
    Messages:
    101
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Many websites use this and some must be https. Is there a workaround go get this working in a https website?


    <iframe src="Uitslagen SV Basteom, Baak" width="100%" height="500px" frameborder="0" scrolling="yes"></iframe>


    Thanks again!
     
    #4 arjanvr, Feb 19, 2017
    Last edited by a moderator: Feb 20, 2017
  5. sktest123

    sktest123 Well-Known Member

    Joined:
    Jan 31, 2017
    Messages:
    69
    Likes Received:
    3
    Trophy Points:
    8
    Location:
    kochin
    cPanel Access Level:
    Root Administrator
    Hello,

    There are lots of discussion under stack overflow (developers discussion forum)regarding the same issue , suggestion is

    "Page served over https:// with an iframe using an http:// URL: will generate mixed content warnings, thereby introducing a potential security risk, and should be avoided.
    "
    possible work arounds are mentioned too.
     
  6. arjanvr

    arjanvr Well-Known Member

    Joined:
    Dec 13, 2013
    Messages:
    101
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Ok thank you. Perhaps a lot asked but can you give me the URL of such workaround?
     
  7. Jcats

    Jcats Well-Known Member

    Joined:
    May 25, 2011
    Messages:
    588
    Likes Received:
    88
    Trophy Points:
    153
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,171
    Likes Received:
    1,295
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    The previous posts should help to address the issue. Let us know if you have any additional questions.

    Thank you.
     
Loading...

Share This Page