All pages are requiring https:// when logged in with administrative rights, regardless of SSL cert settings.

 When logged into NetCommunity as a supervisor or with an account that has edit/admin rights, all pages are being accessed via https:// rather than http://, regardless of the page content and whether "Require SSL for all pages" is selected in Administration > Sites & settings. 

This is causing a mixed contenet dialog box to pop up in Internet Explorer every time we click to go to another page on your site. 
Due to PCI compliance, as of version 6.51, all administration pages are now forced to use SSL.  This is to prevent a potential hacker from sniffing unencrypted traffic and obtaining details about your login and account.  Because of this, images and javascript files referenced with http:// will force a mixed content message - this should not affect an end-user that visits the page in question as this message only appears when logged in with admin rights.

To test, log out of your admin account and visit the page.  If a login is required to view the page, log in as a non-admin user.  You should no longer see the mixed content message.



Was this article helpful?