Skip to:
Content
Pages
Categories
Search
Top
Bottom

SSL chain broken when using BuddyPress

  • Avatar of jrcode
    jrcode
    Participant

    @jrcode

    I have installed BuddyPress on my Intranet but all I can see is that when I activate it, the SSL chain is broken.

    This situation does not appear when I use bbPress. Can someone tell me what is happening in there?

    As part of the technical details, I am using WordPress version 3.9 and BuddyPress version 2.0.1. Unfortunately, I won’t give the link to my site since it is a member only site. And in addition, it is up and running.

    Thanks for your urgent help!

    JR

Viewing 5 replies - 1 through 5 (of 5 total)
  • Avatar of jrcode
    jrcode
    Participant

    @jrcode

    Hello @imath,

    One of my friend told me that you are an expert and here I come to ask for your help on this topic.

    @All, you can also contribute and thanks very much,

    Best,

    JR

    Avatar of r-a-y
    r-a-y
    Moderator

    @r-a-y

    @jrcode – Can you be more specific?

    What exactly is breaking? What resources are being run over HTTP? Avatars?

    Avatar of jrcode
    jrcode
    Participant

    @jrcode

    Hello @r-a-y,

    Thanks for your reply. In fact when I activate BuddyPress I get a notification that the SSL communication is validated on my site but that it has started including other non-secure resources that could be leveraged by third-parties to make my site misfunction.

    I do not neither know nor understand the origin of this third-party code. Is it from the BuddyPress plugin itself? What is it about then?

    Thanks to @all the community and to you @r-a-y and @imathi for your help

    Best

    Avatar of henrywright
    henrywright
    Moderator

    @henrywright

    Hi @jrcode

    Which theme are you using? Insecure items could come from absolutely anywhere – your theme, plugins etc. They can be images, links etc. The only way to solve this problem is to track down the insecure items by searching for http:// in your source code. Note that ‘secure’ items will all begin with https://. A good way to avoid the use of http:// when using SSL is to use relative paths i.e. /mypath/image.jpg

    Hope this helps

    Avatar of jrcode
    jrcode
    Participant

    @jrcode

    Hi @henrywright,

    Thanks very much for your help. I am using Radius and I noticed that the problem wasn’t there until I installed BuddyPress.

    I searched my code and found the unsecure content refers to “_wp_http_referer”. I think that instead of correcting manually this big number of insecure items, I am going to use a plugin. I have found one “SSL Insecure Content Fixer”, I am going to test and will give a feedback to the community.

    Best,

    JR

Viewing 5 replies - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.