• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 406
  • Last Modified:

Make character code secure

We just noticed that the social icons are showing insecure when using https:
https://www.sempdx.org/amember/payment/authorize-aim/cc?id=457MR-40a7a8bf5a2bd140

You can see the icons on the top and bottom right are showing as just squares in firefox because they're insecure. You can see the difference by looking at any regular http page:
http://www.sempdx.org/

They're displayed by css using a character code:
.et-social-facebook a.icon:before { content: '\e093'; }
.et-social-twitter a.icon:before { content: '\e094'; }
.et-social-google-plus a.icon:before { content: '\e096'; }
.et-social-pinterest a.icon:before { content: '\e095'; }
.et-social-linkedin a.icon:before { content: '\e09d'; }
.et-social-tumblr a.icon:before { content: '\e097'; }
.et-social-instagram a.icon:before { content: '\e09a'; }
.et-social-skype a.icon:before { content: '\e0a2'; }
.et-social-flikr a.icon:before { content: '\e0a6'; }
.et-social-myspace a.icon:before { content: '\e0a1'; }
.et-social-dribbble a.icon:before { content: '\e09b'; }
.et-social-youtube a.icon:before { content: '\e0a3'; }
.et-social-vimeo a.icon:before { content: '\e09c'; }
.et-social-rss a.icon:before { content: '\e09e'; }

Open in new window


Is there a way to force them to be secure?
0
Dzynit
Asked:
Dzynit
  • 5
  • 5
1 Solution
 
Dave BaldwinFixer of ProblemsCommented:
Comes from this code.
@font-face {
font-family: 'ETmodules';
src:url('http://www.sempdx.org/wp-content/themes/Divi/fonts/ETmodules_v2.eot');
src:url('http://www.sempdx.org/wp-content/themes/Divi/fonts/ETmodules_v2.eot?#iefix') format('embedded-opentype'),
url('http://sempdx2014cache.s3.amazonaws.com/wp-content/themes/Divi/fonts/ETmodules_v2.ttf') format('truetype'),
url('http://www.sempdx.org/wp-content/themes/Divi/fonts/ETmodules_v2.woff') format('woff'),
url('http://www.sempdx.org/wp-content/themes/Divi/fonts/ETmodules_v2.svg#ETmodules') format('svg');
font-weight: normal;
font-style: normal;
}

Open in new window

Try getting rid of the 'http:' and start with the '//'.  Supposedly that makes the browser use the current method, either 'http' or 'https'.
0
 
DzynitAuthor Commented:
I tried that and even tried using the full path with https, but still no luck.
0
 
Dave BaldwinFixer of ProblemsCommented:
That probably means that those aren't the only places or things that are not using 'https'.
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
Dave BaldwinFixer of ProblemsCommented:
Like here:

<script src="http://code.jquery.com/jquery-1.9.1.js"></script>
<script src="http://code.jquery.com/ui/1.10.3/jquery-ui.js"></script>

There are also at least 3 <img> tags that are 'http' instead of 'https'.
0
 
DzynitAuthor Commented:
I can deal with getting the other items taken care of, it's the social icons I really need help with. I guess I'll give it a try switching to fontawesome because I found a single forum post with a link to an https site and those icons work fine on it.

If that doesn't work, then we'll apparently have to do a screenshot and make actual images for the icons.
0
 
DzynitAuthor Commented:
This turned out to be some incorrect custom code added in the theme's custom code editor. I was unaware that someone had added it and it was easily visible. After finally resorting to putting in a support ticket to the theme author, the person that added the wrong code remembered and let me know.

After that was fixed, I was able to turn on the https plugin that auto corrects any scripts and images in the pages. I just couldn't do that until the social icons would show.
0
 
DzynitAuthor Commented:
This was closest to where the problem was, but someone had copied this incorrectly in the custom editor and it wasn't easily found.
0
 
Dave BaldwinFixer of ProblemsCommented:
Glad you found and thanks for the points.
0
 
DzynitAuthor Commented:
No problem Dave, I appreciated the help. Most of the time it turns out to be something so simple, yet overlooked because I'm always looking for the more complicated cause :)
0
 
Dave BaldwinFixer of ProblemsCommented:
I understand that.  I recently had on PHP page that wouldn't run, just put up a blank screen with no error messages, because I forgot to erase an extra ';' at the end of a line.  Took a while to find that one.
0

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

  • 5
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now