Why when using https:// are all the links for "buttons" (example login button) http? [closed]

Question

I installed the  software and specifically told it https... when I request the site I get the https:// version of the site. I go to login for the first time and it says my password will be sent plain text. I look at the source in the browser and sure enough... all the links are "http".  What do I need to fix to resolve this? <tia> :)

An example the "form action" when viewing the https page for login(login.php) looks like this

"<form action='http://example.com/login.php' method='post' id='myform'>"  even though I am viewing https://example.com/login.php ... hope this helps.

 

Answer 1

http://wiki.e107.org/index.php?title=Security:SSL

that mostly answers my question. third partyplugins aside the default asked about ssl and I said yes. even after changing the redirection as instructed in the link above... I still can't login with an ssl url. This was going to be an ssl only site.

Answer 2

Checkbox: AdminArea > Settings > Preferences > Security & Protection > Enable SSL > [on]

Again check AdminArea > Settings > Preferences > Site Information > Site URL > [https://you_site.com]

One my e107 site is successful use https

Answer 3

Thanks for the answers. I went ahead and tried both of these solutions. Much to my chagrin none of them worked. I do think it is because my site was accessed during the original installation as http. The redirects to https _only_ were done shortly after installation.  so the best answer is...

Both solutions above work if your .htaccess allows http and https access. Otherwise at this point in time it is unsupported for https only. Unless there is a method I do not know about. This cms is not exactly what I was looking for. Thanks for your time and attention.

Answer 4

A little later, but just recently i switched a v1 site to use ssl certificate.
No problems encountered EXCEPT already PRE-used 'absolute' url's.

After changing these, everything alright (site was running quite a long time, so time of installation
has no influence). SSl certif. was installed, and use of ssl activated. No more, no less.
Prefs should mention that the base url is using httpS. (my case no redirection used)

So when i do run your mentioned examples. nothing is out of the ordinary, so seeing that, it also
may apply to the theme you are using or specially crafted plugins that do use absolute url (paths).

Hardcoded url's will NOT be automatically become httpS