2018 has been hot with website security requirements. One of these major requirements on websites is the mandate to convert non-secure http:// requests onto securely encrypted https:// requests.
These steps to secure the internet one website at a time are fairly easy if you know basic web development protocols. We outlined these steps in a previous post below. Please read first before proceeding.
Read the post: How to convert your website to https here
Once an SSL certificate has been issued on your web server, you can now begin pointing requests to your website to the secure protocol. (http https) Often times, this is a seamless switch in procedure where you will see the in the address bar.
What To Do When The https Is Broken?
If you experience something that looks like this https://yourwebsite.com you need to look at how the requests are being called in the backend. In some cases, you may not see the red font and the URL may look like this https://yourwebsite.com. To repair, open your website in Google Chrome and right-click anywhere on the web page. Click on “Inspect” or Ctrl+Shift+I. A code inspector will open in your web browser to the right of the web page. Look toward the bottom in a tab called Console.
The console will list the warnings designated in yellow and the errors designated in red. Take a look at the screenshots below as an illustration of these errors. This step is called discovery debugging.
Non-Secure HTTPS errors shown in the Google Chrome Code Inspector Console
Non-Secure HTTPS warnings shown in the Google Chrome Code Inspector Console
How To Repair The Non-Secure Requests
Take note of each of the non-secure requests and their respected URL structure. You will apply fixes to databases and html code by changing the request to https. Typically, these types of errors happen when code is being added manually to the web page markup or if it is not using a standardized root URL structure.
Make sure the files actually exist on the new secure server prior to just changing the request structure. You can do this by changing the request structure to https and either pasting the full path to the element in your web browser or checking the server files directly. If files are in-fact present in the server directory and they are still showing invalid or not accessible, take a look at your .htaccess file or your apache settings to ensure these overrides are not blocking the new requests.
Once all of the non-secure requests have been changed to the https protocol, the errors will do away and you should see either Your Company Name [US] https://yourwebsite.com. or Secure https://yourwebsite.com.