https:// error relating to images - Chrome

Jason76

Madly Diligent
Nov 27, 2016
5,930
618
178
44
USA
jasonyankee.info
FP$
4,182
I had recently ordered a https:// (pro) for http://funbizforum.com However, on Chrome, "insecure images" still prevent my site from being shown as safe, despite the https://

How to fix? Well, I have heard that changing each individual image to https:// is one way. Does anyone know other ways?
 

Empire

VIP Team Member
Jul 16, 2015
25,660
3,089
683
27
United Kingdom
www.baysidegamers.com
FP$
338,183
Cookie Badge
Are images also in the same server and insecure. I had the same problem with two to three and So I uploaded to imgr image site that will automatic be secure.

Images are always a pain. But check you settings and if using cloudflare Kr similar then enable a option that redirect the images to https
 

Jordan

█🍁█ Valued Contributor
Sep 11, 2012
1,762
661
428
Canada
www.Pardy.co
FP$
1,877
Red Diamond
Hey @Jason76 , are these images being loaded from forum posts? If so you have to enable image proxy.

On forums, when users use the image bb code, the image may not be coming from a https connection. The image proxy will then basically make it so the image is coming from your site via your https url. Something like this:
https://funbizforum.com/proxy.php?image=

Go to your ACP and go to Message Options in the options section:
https://funbizforum.com/admin.php?options/list/messageOptions

Scroll down until you see "Image and Link Proxy" check the image proxy check box, and set a secret key (can be anything)
nszD6K.png


Also on top of this, it looks like your background image is using http:// instead of https:// so that will be the cause of your homepage for not being secured properly:
http://dohtheme.com/demo/xenforo/styles/pad/xenforo/img/bodywallpaper.jpeg

it's in your extra.less file. Search for this ".bodyBackground_overlay__bottom::before"
Then just change the http:// to https://
 
Last edited:
  • Useful
Reactions: Carlos X

Carlos X

Addicted
Feb 28, 2013
770
243
78
California
www.carlosx360.com
FP$
2,354
Hey @Jason76 , are these images being loaded from forum posts? If so you have to enable image proxy.

On forums, when users use the image bb code, the image may not be coming from a https connection. The image proxy will then basically make it so the image is coming from your site via your https url. Something like this:
https://funbizforum.com/proxy.php?image=

Go to your ACP and go to Message Options in the options section:
https://funbizforum.com/admin.php?options/list/messageOptions

Scroll down until you see "Image and Link Proxy" check the image proxy check box, and set a secret key (can be anything)
nszD6K.png


Also on top of this, it looks like your background image is using http:// instead of https:// so that will be the cause of your homepage for not being secured properly:
http://dohtheme.com/demo/xenforo/styles/pad/xenforo/img/bodywallpaper.jpeg

it's in your extra.less file. Search for this ".bodyBackground_overlay__bottom::before"
Then just change the http:// to https://
Or you could just go to ACP > Appearance and look in style properties. Not hard.

Proxies are usually for on-posts propagation. I wouldn't recommend it. Read carefully in the ACP about what it does (especially in the screencap you just showed in there). It buffers your image through a proxy so if you turn it off or something to that effect, it's still there, but it will result in different URL's. Just sayin'.

I don't use it because if someone posts an image that isn't mine, I can be blamed for it. Since most proxied images/links mask what you embed.
 
Last edited:
  • Useful
Reactions: Jason76

Jordan

█🍁█ Valued Contributor
Sep 11, 2012
1,762
661
428
Canada
www.Pardy.co
FP$
1,877
Red Diamond
Or you could just go to ACP > Appearance and look in style properties. Not hard.
That doesn't fix the issue of insecure images that get posted on the forums.

But yes, take his advice and do read the ACP carefully. especially this part "Proxying of images is especially important if you are running your site through SSL (HTTPS)" I highly recommend it.
 
  • Useful
Reactions: Carlos X

Carlos X

Addicted
Feb 28, 2013
770
243
78
California
www.carlosx360.com
FP$
2,354
Or you could just go to ACP > Appearance and look in style properties. Not hard.
That doesn't fix the issue of insecure images that get posted on the forums.
Yes, as I said, it's not recommended. Because, as I said, if I post an offsite image from a porn site, and you want to sue me for posting it, guess who's the blame? Not the poster (me), it's you (owner).

Because the proxy shows YOUR link, and not the off site's. Dangerous.

That's why I spent time looking through Appearence area of ACP and fixing the HTTP areas and replacing it with https. I finally got it 100% padlocked. :)
 

Jordan

█🍁█ Valued Contributor
Sep 11, 2012
1,762
661
428
Canada
www.Pardy.co
FP$
1,877
Red Diamond
Or you could just go to ACP > Appearance and look in style properties. Not hard.
That doesn't fix the issue of insecure images that get posted on the forums.
Yes, as I said, it's not recommended. Because, as I said, if I post an offsite image from a porn site, and you want to sue me for posting it, guess who's the blame? Not the poster (me), it's you (owner).

Because the proxy shows YOUR link, and not the off site's. Dangerous.


I'm just going to assume you don't really know what the image proxy is for. You always go to the extreme. First of all, websites can disable hotlinking their images to prevent people from linking the images on other sites. You also wouldn't be sued. If in the rare off chance someone contacts you to remove their image from your site, then you just remove it. Simple as that.

XenForo's and Keir's explanation:
https://xenforo.com/community/threads/exif-rotation-acp-searching-proxying-and-change-logging.66592/

XenForo community recommending it:
https://xenforo.com/community/threads/what-is-proxy-links-and-proxy-images.81020/

Any XenForo forum running on HTTPS should have image proxy enabled. The XenForo devlopers themselves recommend it. Forum Promotion even does. As evidenced by the image in your signature:
Code:
https://forumpromotion.net/forum/proxy.php?image=https%3A%2F%2Fwww.destroyrepeat.com%2Fimgs%2FCarlosX360DR.png&hash=1b6db478ad7436b139e5e5a89387ac0f

The only downside to using an image proxy is that you will use more bandwidth.
 
  • Useful
Reactions: Carlos X

Carlos X

Addicted
Feb 28, 2013
770
243
78
California
www.carlosx360.com
FP$
2,354
I'm just going to assume you don't really know what the image proxy is for. You always go to the extreme.
Well, porn site is a bit too extreme, I agree, but I've seen people spamming those links to "Free Downloads of movies!" A few times, on any one of my sites. I don't want people to think that's my link.
First of all, websites can disable hotlinking their images to prevent people from linking the images on other sites. You also wouldn't be sued. If in the rare off chance someone contacts you to remove their image from your site, then you just remove it. Simple as that.
Exactly, but you never know - people will do things for any bullshit these days.
XenForo's and Keir's explanation:
https://xenforo.com/community/threads/exif-rotation-acp-searching-proxying-and-change-logging.66592/

XenForo community recommending it:
https://xenforo.com/community/threads/what-is-proxy-links-and-proxy-images.81020/

Any XenForo forum running on HTTPS should have image proxy enabled. The XenForo devlopers themselves recommend it.
That's great information for everyone! :)
Forum Promotion even does. As evidenced by the image in your signature:
Code:
https://forumpromotion.net/forum/proxy.php?image=https%3A%2F%2Fwww.destroyrepeat.com%2Fimgs%2FCarlosX360DR.png&hash=1b6db478ad7436b139e5e5a89387ac0f

The only downside to using an image proxy is that you will use more bandwidth.
Exactly. That's what I meant.
 

Jordan

█🍁█ Valued Contributor
Sep 11, 2012
1,762
661
428
Canada
www.Pardy.co
FP$
1,877
Red Diamond
Well, porn site is a bit too extreme, I agree, but I've seen people spamming those links to "Free Downloads of movies!" A few times, on any one of my sites. I don't want people to think that's my link.
People can also upload porn images as attachments on your site and it will be your link. What do you do with that content and those users? You delete the content and ban the user. The same thing applies if you use an image proxy.
 
  • Useful
Reactions: Carlos X

Carlos X

Addicted
Feb 28, 2013
770
243
78
California
www.carlosx360.com
FP$
2,354
Well, porn site is a bit too extreme, I agree, but I've seen people spamming those links to "Free Downloads of movies!" A few times, on any one of my sites. I don't want people to think that's my link.
People can also upload porn images as attachments on your site and it will be your link. What do you do with that content and those users? You delete the content and ban the user. The same thing applies if you use an image proxy.
I will just agree to disagree. :)
 

Jordan

█🍁█ Valued Contributor
Sep 11, 2012
1,762
661
428
Canada
www.Pardy.co
FP$
1,877
Red Diamond
I think the solution is simply to go into the css and make all image links https://

The problem, though, is figuring out where in the css the links are!
Your homepage image that is causing the issue is here:

Also on top of this, it looks like your background image is using http:// instead of https:// so that will be the cause of your homepage for not being secured properly:
http://dohtheme.com/demo/xenforo/styles/pad/xenforo/img/bodywallpaper.jpeg

it's in your extra.less file. Search for this ".bodyBackground_overlay__bottom::before"
Then just change the http:// to https://
 

Jason76

Madly Diligent
Nov 27, 2016
5,930
618
178
44
USA
jasonyankee.info
FP$
4,182
I think the solution is simply to go into the css and make all image links https://

The problem, though, is figuring out where in the css the links are!
Your homepage image that is causing the issue is here:

Also on top of this, it looks like your background image is using http:// instead of https:// so that will be the cause of your homepage for not being secured properly:
http://dohtheme.com/demo/xenforo/styles/pad/xenforo/img/bodywallpaper.jpeg

it's in your extra.less file. Search for this ".bodyBackground_overlay__bottom::before"
Then just change the http:// to https://

Yeah @Carlos X already spotted the solution, but I've just now seen it.
 

Jordan

█🍁█ Valued Contributor
Sep 11, 2012
1,762
661
428
Canada
www.Pardy.co
FP$
1,877
Red Diamond

Jordan

█🍁█ Valued Contributor
Sep 11, 2012
1,762
661
428
Canada
www.Pardy.co
FP$
1,877
Red Diamond
Can you go to your ACP search and type "dt_pad_bg" one of the first search result should be the style option to change the image URL