Jump to content
[MUST READ] Forum Rules ×

HTTPS / SSL on signup page not working


Recommended Posts

Hi, I enabled SSL on my website www.turnkeyresellerwebhosting.com through cloudflare so that I could server my pages under HTTPS it all worked ok until it came to customers signing up for an account. When the customer clicks on the register button after signup it throws an error message.

ERROR #8938749304 Your browser does not appear to be sending refer information this is a requirement

I have test from both firefox and chrome and get the same problem, if i remove the HTTPS then it works ok, but then Firefox warns the user that the connection is not secure which will put off a lot of people from signing up.

I believe it is caused because you are going from HTTPS to HTTP during the signup as it takes me to order.turnkeyresellerwebhosting.com but HTTPS does not work on this connection because it is self signed. I tried putting the following code into the header

<meta name="referrer" content="origin">

But then i get error Posting Error, please contact support

Can we have a solution to enable HTTPS for the signup form?

Perhaps all resellers could have it setup to offer a free letsencrypt SSL cert? Then the signup and cpanel pages could also be served over SSL, especially with many browsers now warning if you try to enter form information on a none HTTPS page

Link to comment
Share on other sites

4 hours ago, ukclearance said:

Hi, I enabled SSL on my website www.turnkeyresellerwebhosting.com through cloudflare so that I could server my pages under HTTPS it all worked ok until it came to customers signing up for an account. When the customer clicks on the register button after signup it throws an error message.


ERROR #8938749304 Your browser does not appear to be sending refer information this is a requirement

I have test from both firefox and chrome and get the same problem, if i remove the HTTPS then it works ok, but then Firefox warns the user that the connection is not secure which will put off a lot of people from signing up.

I believe it is caused because you are going from HTTPS to HTTP during the signup as it takes me to order.turnkeyresellerwebhosting.com but HTTPS does not work on this connection because it is self signed. I tried putting the following code into the header


<meta name="referrer" content="origin">

But then i get error Posting Error, please contact support

Can we have a solution to enable HTTPS for the signup form?

Perhaps all resellers could have it setup to offer a free letsencrypt SSL cert? Then the signup and cpanel pages could also be served over SSL, especially with many browsers now warning if you try to enter form information on a none HTTPS page

The problem with the ssl is a well known one. As of right now, there isnt any official support for cloudflare ssl, and as such there are problems when registering over https. To be honest, it doesnt look like we will get a solution for it soon.

Link to comment
Share on other sites

  • 2 months later...

@ukclearance  As I check your website right now (https://www.turnkeyresellerwebhosting.com/signup.php) I may have found the problem. The problem may reside in a mixed content and blocked content error.

Chrome gave the following errors:

*Mixed Content: The page at 'https://www.turnkeyresellerwebhosting.com/signup.php' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'https://order.turnkeyresellerwebhosting.com/register2.php'. This endpoint should be made available over a secure connection.


*Mixed Content: The page at 'https://www.turnkeyresellerwebhosting.com/signup.php' was loaded over HTTPS, but requested an insecure image 'https://order.turnkeyresellerwebhosting.com/image.php?id=f3a5325b94dd8020bfa75b7bf621a651'. This content should also be served over HTTPS.
*adsbygoogle.js Failed to load resource: net::ERR_BLOCKED_BY_CLIENT


*Mixed Content: The page at 'https://www.turnkeyresellerwebhosting.com/signup.php' was loaded over HTTPS, but requested an insecure script

*'https://code.jquery.com/jquery-1.11.0.min.js'. This request has been blocked; the content must be served over HTTPS.
bootstrap.min.js:6 Uncaught Error: Bootstrap's JavaScript requires jQuery
    at bootstrap.min.js:6


*Mixed Content: The page at 'https://www.turnkeyresellerwebhosting.com/signup.php' was loaded over HTTPS, but requested an insecure favicon 'https://www.turnkeyresellerwebhosting.com/404.php'. This content should also be served over HTTPS.

 

------------------------------

To see those errors through Chrome use the following command while having Chrome open. Click Ctrl ->Alt -> i (without the "->")

 

Solution I would say to go into your file manager or FTP and located all the code that has "https://SomeUrl.com" and change it to "//SomeUrl.com" (remove the http: thats all)

 

If you this have issues or cannot locate the mixed content urls please reply back!

 

Hope this helped! If it did please leave a like!

Edited by DeluxeHost
Link to comment
Share on other sites

  • 4 months later...
On 7/26/2017 at 4:46 PM, DeluxeHost said:

@ukclearance  As I check your website right now (https://www.turnkeyresellerwebhosting.com/signup.php) I may have found the problem. The problem may reside in a mixed content and blocked content error.

Chrome gave the following errors:

*Mixed Content: The page at 'https://www.turnkeyresellerwebhosting.com/signup.php' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'https://order.turnkeyresellerwebhosting.com/register2.php'. This endpoint should be made available over a secure connection.


*Mixed Content: The page at 'https://www.turnkeyresellerwebhosting.com/signup.php' was loaded over HTTPS, but requested an insecure image 'https://order.turnkeyresellerwebhosting.com/image.php?id=f3a5325b94dd8020bfa75b7bf621a651'. This content should also be served over HTTPS.
*adsbygoogle.js Failed to load resource: net::ERR_BLOCKED_BY_CLIENT


*Mixed Content: The page at 'https://www.turnkeyresellerwebhosting.com/signup.php' was loaded over HTTPS, but requested an insecure script

*'https://code.jquery.com/jquery-1.11.0.min.js'. This request has been blocked; the content must be served over HTTPS.
bootstrap.min.js:6 Uncaught Error: Bootstrap's JavaScript requires jQuery
    at bootstrap.min.js:6


*Mixed Content: The page at 'https://www.turnkeyresellerwebhosting.com/signup.php' was loaded over HTTPS, but requested an insecure favicon 'https://www.turnkeyresellerwebhosting.com/404.php'. This content should also be served over HTTPS.

 

------------------------------

To see those errors through Chrome use the following command while having Chrome open. Click Ctrl ->Alt -> i (without the "->")

 

Solution I would say to go into your file manager or FTP and located all the code that has "https://SomeUrl.com" and change it to "//SomeUrl.com" (remove the http: thats all)

 

If you this have issues or cannot locate the mixed content urls please reply back!

 

Hope this helped! If it did please leave a like!

That won't work, as then it'll load all the URLs as https:// and it won't show the security code image, and when you click "register" it'll spit out another "Not Secure" error.

Link to comment
Share on other sites

48 minutes ago, Hostingaj said:

I also have this problem on my SSL.com certificated website.

 

The only solution for now is changing all the secure links that redirects to the https://signup to https://signup.

Yep, and say goodbye to customer trust!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...