When I click on one of my links in the top half, the next page reverts to HTTP, but I can activate HTTPS by simply changing the URL. Subsequent pages retain HTTPS unless they are loaded from a different directory. My domain host tells me I need to 'Create a 301 Redirect to Enforce your SSL certificate'.
I followed the instructions to implement this (HINT: .htaccess) and almost everything looked good. I had one issue with image files, so I decided to test using an image in a blog post.
This is a recent image found on eBay, where the description said,
A. Kindler (1833-76) German Framed 1874 Oil Canvas Painting, 'Men Playing Chess' Dimensions of Canvas: 28" x 22"
Now let's see if it works correctly.
***
Later: Indeed it did work. The image appears and is loaded with the correct 'HTTPS' transfer protocol. Once I verified that everything looked good, I went back to the previous post, 'Activating HTTPS', with the idea of corrrecting the image protocol used in that post. Before changing anything, I looked at 'Preview' and received the familiar message:-
This page contains HTTP resources which may cause mixed content affecting security and user experience if blog is viewed over HTTPS.
Fix Dismiss Learn more
'Fix' immediately closed the edit session. When I reopened it, I discovered that the image 'HTTP' had been changed to 'HTTPS'. When I looked at the blog post, the image was loaded with 'HTTPS'. [NB: 'Learn more' goes to Fix mixed content on your blog (support.google.com).] Of course, I'm not going back to all 2700+ old posts on this blog (plus my three other blogs) to change the image protocol. Instead, I have a number of other tasks to perform:-
- Investigate why the security certificate (issued by Let's Encrypt 'Free SSL/TLS Certificates') is only valid for three months, to 15 October 2018.
- Examine the impact on the site's stat logs.
- Flag the HTTPS change to Google search.
I suspect that last part will be done automagically, but I would like to be sure.
No comments:
Post a Comment