Register

If this is your first visit, please click the Sign Up now button to begin the process of creating your account so you can begin posting on our forums! The Sign Up process will only take up about a minute of two of your time.

Results 1 to 2 of 2
  1. #1
    Junior Member
    Join Date
    Nov 2021
    Posts
    1
    Member #
    63182

    Only Phones are claiming my sites are insecure...?

    Hello and thanks in advance.
    All my websites serve up HTTPS with a nice "lock" symbol in Chrome on Windows PC's.
    But three of them show as insecure in Chrome on any Android Phone tried recently (ever since the move from shared hosting to a VPS).
    One shows the triangle "!" instead of lock, and two others show https with a line thru it and you have to click Advanced and Continue to proceed to the "Unsafe" site.

    How can this be?

    In cPanel all relevant domains show the basic, stock auto SSL certs are fine and current. Just like computer visitors see that they are in Chrome. So what's up with the phone visitors?

    In fact, some of the subpages of the three websites show HTTPS and a lock on phones, just not the default domain name or home page.

    Does anyone know what could cause this?

    example showing a lock and HTTPS on computers -- but a warning on phones:
    geigercheck.com
    I made that a link with https in it, here is the plain domain name:
    geigercheck.com

    example showing a lock and HTTPS on computers but an outright Site Not Safe page on phones:
    rocksunlocked.com
    I made that a link with https in it, here is the plain domain name:
    rocksunlocked.com

    How can the SSL cert be fine on PC Windows Chrome and not on Android Chrome?
    ***Or what could cause Wordpress to serve up HTTPS to computers but only HTTP to phones?
    First we thought it was just this or that phone needing time/date sync, cache cleared, etc. but no it's all of them.
    Last edited by Otter; Nov 28th, 2021 at 07:29 PM.

  2.  

  3. #2
    WDF Staff mlseim's Avatar
    Join Date
    Apr 2004
    Location
    Cottage Grove, Minnesota
    Posts
    7,980
    Member #
    5580
    Liked
    761 times
    On the web page, you must have some images, javascripts, jquery files that have paths to non-secure locations.

    I see by looking at your source that you are doing well by defining all paths as absolute (with https).

    Try eliminating lines one at a time, or eliminate sections at a time and see if you can find the spot that is triggering the warning.

    Example, this line ... is it necessary?
    <link rel="profile" href="https://gmpg.org/xfn/11">


    on Geigercheck I see a line with http:// .... line 224

    on Rocksunlocked I see several lines with http:// lines, 236,276,337,345

    Paste copy of the whole HTML in notepad++ editor and do a search for "http://"

    Last edited by mlseim; Nov 29th, 2021 at 12:01 PM.



Remove Ads

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
All times are GMT -6. The time now is 04:59 AM.
Powered by vBulletin® Version 4.2.3
Copyright © 2022 vBulletin Solutions, Inc. All rights reserved.
vBulletin Skin By: PurevB.com