Tips and Tricks HQ Support Portal › Forums › WP eStore Forum › WP eStore Troubleshooting › Security Warning after checkout and Returning from PayPal
Tagged: https, SSL, ssl certificate
- This topic has 7 replies, 5 voices, and was last updated 10 years, 2 months ago by Sev.
-
AuthorPosts
-
March 13, 2012 at 4:53 am #5813Ric MMember
Hi,
I’m using the latest version of your eStore Plugin on a new install of WP.
I’m using a Buy Now button that takes the customer straight to PayPal.
After they complete the purchase, and click the “return to merchant” button, Firefox 10.0.2 shows a “Security Warning: Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection…” Are you sure you want to continue?”
I suspect this is the IPN info being sent back to my site, but I’m worried that my customers will panic and click cancel.
Is this warning normal, or is it a sign that I’ve set things up wrong?
Thanks
March 13, 2012 at 5:21 am #42994adminKeymasterThis is a standard warning that browser shows the user when you send data from a HTTPS site to a Non HTTPS site. In this case as you’re coming from paypal (secure – https) to yourdomain (non secure – http).
Note that you don’t need a SSL certificate but if you don’t want your customers to see that warning you will need to install a SSL certificate for your domain which will make your domain URLs secure (https) and the browser won’t show this warning anymore.
You can also enable Auto Return in your PayPal profile which will automatically redirect the customer to your “Thank You” page after a payment. When PayPal auto redirects to your site your customer’s won’t see that warning.
More discussion on this topic here:
https://support.tipsandtricks-hq.com/forums/topic/using-ssl-options-ideas-and-what-not
October 15, 2014 at 4:47 pm #42995SevMemberHi. I’ve got eStore and I too am getting the security warning when leaving Paypal and going back to my website. I’ve tried both setting the Thankyou page as an https page and also setting up in PayPal for it to redirect to this page specifically – but I’m still getting the security message. Any thing else I could try?
Many thanks.
October 15, 2014 at 6:51 pm #42996wzpModeratorif you don’t want your customers to see that warning you will need to install a SSL certificate for your domain which will make your domain URLs secure (https) and the browser won’t show this warning anymore.
You have an SSL certificate, correctly installed?
Please share a link to your thank you page so we can see if the HTTPS is working correctly on that page.
October 16, 2014 at 7:02 pm #42997SevMemberHi. This is the url for the thank-you page:
[https://www.genekeys.com/thank-you/]
the https seems to be working – but there may be more to it than I understand!
October 16, 2014 at 9:16 pm #42998wzpModeratorOne of the images on the Thank You page is using a non secure (regular HTTP) URL. The image of the blue “Gene Keys” book.
October 17, 2014 at 12:25 am #42999wpCommerceModerator@Sev, This is the exact error:
The page at 'https://www.genekeys.com/thank-you/' was loaded over HTTPS, but ran insecure content from 'http://freegeoip.net/json/?callback=checkAmazonLinks': this content should also be loaded over HTTPS. (amazon_linker.min.js?v=1.9:1)
That error is coming from the “amazon_linker.min.js” file and causing the issue (I am guessing it is coming from another plugin which is not HTTPS compatible). As soon as you fix that, your Page will be fully HTTPS compatible and you won’t see that other warning anymore.
October 17, 2014 at 6:46 pm #43000SevMemberGreat! Thanks so much to both of you for explaining this. Much appreciated.
-
AuthorPosts
- You must be logged in to reply to this topic.