Search Helpnote Topics

Avoiding The Not Secure Warning in Chrome Browser For Your VPCart Site

Avoiding The Not Secure Warning in Chrome Browser For Your VPCart Site


As you know, beginning in January 2017, Chrome (version 56 and later) will mark pages that collect passwords or credit card details as “Not Secure” unless the pages are served over HTTPS:

Read more this at :
https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html

That means, if your VPCart site is still not using SSL, and your VPCart site is taking payment and also provide login/password form for your customers, then you should have SSL installed in your site to prevent Google / Chrome browser to show the warning to your customers.

At VPCart, we also resell SSL certificate by Digicert, if you need a new SSL certificate, you can purchase at:
http://www.vpasp.com/virtprog/instantssl1yr.htm

For those that already have SSL certificate installed for your domain and still have Not Secure warning in Chrome browser, you can follow the steps below :

1. Login to your site FTP, go to httpdocs folder.
Check if you have web.config file.

2. If you don't have web.config file, then please create a new file called web.config using notepad and enter this code :

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}/{R:1}" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>

3. Upload the web.config into your httpdocs folder.

4. If you already have web.config file, then please open the file with notepad or any other text editor and insert this new code before the </configuration> :

<system.webServer>
<rewrite>
<rules>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}/{R:1}" />
</rule>
</rules>
</rewrite>
</system.webServer>

5. Upload the web.config into your httpdocs folder to replace your existing.

This web.config change will make sure any HTTP request in Chrome browser will always redirect to HTTPS mode.
Example if we enter in browser url bar : http://www.yourVPCartsite.com/shopdisplaycategories.asp, then it will auto redirect to https://www.yourVPCartsite.com/shopdisplaycategories.asp

Times Viewed:
3969
Added By:
Wilson Keneshiro
Date Created:
1/31/2017
Last Updated:
1/31/2017
Back
Search other topics
Submit a Ticket