Suddenly, my images are not showing up on my site when accessing https pages. No change in my code. My host did have to recompile their ftp service with SSL support after my request (so I could ftpes my site). Can't thing of anything else that would affect my SSL cert. Same thing happens on FF and IE and on different computers.
A:
Yeah, "not showing up" is a little vague. If the HTML is served by HTTPS and the images are still being served by HTTP, there's a little security leak inherent in the page, which your browser may deal with in one of several, largely ineffectual, ways.
Malvolio
2009-12-26 16:31:23
Boy, did you blow this answer. It not only leads nowhere, the answer regarding a 'little security leak' is completely wrong. I suggest that if you don't have a clue, don't answer.
mitch
2009-12-29 20:06:48
+4
A:
If I go to your website ( https://www.scfootball.org/ ), I don't see the images, as you said : I get a 403 (Forbidden) error for each one of those -- I can see this using the "Net" tab of the Firefox extension Firebug, for instance.
If I try to see an image directly, without going trough the site (for instance : https://www.scfootball.org/widgets/GulloParkHeader.png ), then, I can see the image.
If you try, make sure you copy-paste the URL to a new tab/window, and not just click on it
Which means there is some kind of trouble between the website and the access to the images ; not on the images themselves.
If I disable the referer in firefox (the web developper toolbar extension allows that easily) and refresh your website's webpage, the images appear.
If I re-enable the referer, and refresh again, then the images don't appear anymore.
Which means there is something, related to the referer, that prevents the images from being sent, and returns a 403 error instead.
Just a wild guess : maybe there's a .htaccess in your widgets directory (or somewhere else) that prevents images from being served, if the referer doesn't correspond to a specific domain ?
Considering the images are displayed on the site when I access it without HTTPS (i.e. with an URL such as http://www.scfootball.org/index2.php ), maybe there is a "protection" in place so your images are not displayed if the Referer is not that non-https website... And that "protection" has not been updated when you switched to HTTPS ?
(I've seen that kind of "protection" used to prevent hot-linking of images, for instance)
Pascal MARTIN
2009-12-26 16:41:22
@pix0r > Thanks :-) I generally prefer explaining "how" more than "what" : I hope it'll help people debug themselves, the next time, and believe it's more useful for everyone.
Pascal MARTIN
2009-12-26 16:54:16
Good work Pascal MARTIN. I did just recently enable hot link protection from my cpanel. I just disabled it and the images now appear again. I just noticed that I did not have https versions of my sites listed as allowed referers. Thanks again!
mitch
2009-12-26 16:55:43