- This topic has 7 replies, 5 voices, and was last updated 9 years, 5 months ago by
.
-
Posts
-
Greetings-
I’m having an issue which seems due to HTTP vs HTTPS. I set up an Events Calendar implementation on a dev site (which uses HTTP for public and admin). It looks & works great.
Then I migrated the implementation to the live/public site (which uses HTTPS just for WP admin). The events admin screens on the live/HTTPS site look odd, and are missing config options present on the dev/HTTP implementation. I checked the console on the live/HTTPS site and found 14 Mixed Content errors (5 for stylesheets, 9 for scripts), which are occurring on admin screens for Settings, Events, Venues & Organizers:
“This request has been blocked. The page at … was loaded over HTTPS, but requested an insecure stylesheet” (or script).
I found an older thread that suggested the “SSL Insecure Content Fixer” plugin as a workaround. Can the Events Calendar work over HTTPS (admin only)? Or do I need to use the above plugin?
Thanks,
-MikeHey Mike,
Thanks for getting in touch with us! Interesting question here…
Firs of all can you describe how are you setting SSL for the admin area only? Seems like the plugin is not correctly detecting this.
I found an older thread that suggested the “SSL Insecure Content Fixer” plugin as a workaround. Can the Events Calendar work over HTTPS (admin only)? Or do I need to use the above plugin?
You might give it a try just to be sure there’s a fallback, and we can continue to work on this to see if there’s a configuration that doesn’t need of this plugin to work!
Please let me know about it,
Best,
NicoThanks for the reply, Nico. I have the following line in my site’s wp-config.php:
define('FORCE_SSL_ADMIN', true);That’s it. Just to be certain, on the WP Dashboard > Settings > General screen, both the WordPress Address (URL) and Site Address (URL) fields have “http://”.
Fwiw, the SSL Insecure Content Fixer plugin seems to fix the problem. But it would be comforting to not need another plugin as a workaround.
Hi Mike!
I hope you don’t mind me jumping in here however Nico is largely unavailable today and we didn’t want to leave you waiting.
Weirdly, I cannot replicate the same set of problems on a site running the latest versions of our plugins and where, as you have done, FORCE_SSL_ADMIN is true and https:// is specified in both the site and home URL settings.
I actually couldn’t find a single instance of an asset being referenced over straight HTTP (and I checked the general event settings screen and a few other settings screens, plus the main admin events list and of course the event editor). So there does seem to be a bit of a discrepancy here in terms of what we’re both experiencing and I’m admittedly unsure what would be behind that.
I realize you probably don’t want to revert to a situation where these problems crop up again, but if you were able to temporarily do so and itemize some of the scripts/stylesheets that are being flagged up that would be really helpful here.
Thanks so much for your help on this one!
Hi Barry-
Thanks for stepping in. I’m wondering if you misread my previous message. On this installation, I’m only using HTTPS for WordPress admin, and NOT for public access. The WP site and home URL settings have “http” – and not “https”.
-Mike
I do apologize, Mike: I completely misread. With my local configuration corrected to match your own, I do indeed see this problem – I’ll get this logged and we’ll look at addressing this in an upcoming release.
Hello!
I wanted to inform you that we’ve just published a series of updates to our products that fixes a number of issues.
These updates should include fixes for the problems reported here, where our plugins’ scripts and stylesheets were being served over HTTP when they should’ve been served over HTTPS, or vice versa.
Learn more about this release—version 4.3.3—in the official release notes here → https://theeventscalendar.com/maintenance-release-events-calendar-4-3-3-event-tickets-4-3-3-premium-plugins/
Thanks for your patience in waiting for a fix!
George
- The topic ‘Events Admin over HTTPS?’ is closed to new replies.