March 7, 2013 at 12:20 pm #24814
Hi, I need some help, I thought I had …. Here is the site I recently developed and put online using the Executive child theme — http://motherhouse.us/ and I’ve got the following plugin installed for online event registration and payment —- http://wordpress.org/extend/plugins/event-registration/. I’ve also got Woo Commerce installed but am not using that yet….
I’ve got the Event Registration working OK, you can register and are taken to PayPal to pay for the event, but then when PayPal returns you to the site a security warning comes up about the information being encrypted, but the line being unencrypted…. I’ve done everything I thought I should do, but the security warning is still coming up? Can anyone point me in the right direction?
These are the things I’ve done — the site is hosted on Dreamhost, I’ve got and paid for secure hosting, including a signed certificate…. I’ve set up and specified in PayPal that the payment confirmation page is https….. But, is there some additional way I can indicate the site and or the particular page is secure? I installed another plugin called — http://wordpress.org/extend/plugins/wordpress-https/, had it activated, marked the page as secure, but it didn’t make a difference, so then I deactivated it. Thanks for any help, I really appreciate it!March 7, 2013 at 1:10 pm #24827
If you are allowing people to leave your site and go to PayPal to make a payment, your page doesn’t have to be secured with an SSL certificate. The PayPal page is secure. Some don’t like this approach, because it allows your visitor to leave your site.
I suspect the message that you’re seeing is because once on PayPal (which is secure), a visitor returning to your site is going to a page that is not secure.
You secure a page or site with an SSL certificate. All the assets on any page served via HTTPS have to be served securely (ie, without reference to HTTP, just HTTPS). That’s what the the WordPress HTTPS plugin helps you with.
Generally speaking, if you are going to go to the trouble of making your page secure, you might as well investigate taking the payment on your site and avoid letting your visitor leave. You can check out Stripe as a payment processor, since its fees are less than PayPal when you want to take the payment on your own site. You can also check with the author of Event Registration to see what payment gateways they support.
March 8, 2013 at 11:32 am #25018
Thank you Bill! I’m definitely going to check out Stripe and look at how to collect fees right on the site….
One other thought I’ve had in the WordPress Settings where you specifyMarch 8, 2013 at 12:23 pm #25025
No, you shouldn’t change those until you have made your entire site secure. Always avoid making changes until you understand the full impact. For example, if your site includes links to external resources that are accessed via HTTP instead of HTTPS, you will break things.
You can use the WordPress HTTPS plugin to help you secure your entire site or individual pages. The plugin author is usually pretty good about answering support issues in the WP forum. You can also enlist the help of your webhost to secure things. We do this for sites we host on our network.
You must be logged in to reply to this topic.