Lessons Learned: HTTPS February 16, 2017 05:00
Have you ever noticed that some web addresses begin with "http://" and others start with "https://"? What is the difference?
It means that the website is either using HyperText Transfer Protocol (HTTP), or HyperText Transfer Protocol Secure (HTTPS). Again, what is the difference?
Around the origination of the world wide web, network administrators had to determine how to share information that they put on the internet. They agreed to use the HyperText Transfer Protocol (HTTP). Eventually everyone understood this protocol and how it exchanged information, which lead to intercepting information. To battle this issue, the administrators agreed on a new procedure HyperText Transfer Protocol Secure (HTTPS) to protect the information. In short, the data being sent is encrypted using a "code" that is only known by the sender and the recipient. If anyone intercepts the information, they won't be able to decipher it because they won't have the "code". The computer on each end uses a document called an SSL Certification (Secure Sockets Layer) containing character strings that are the keys to their secret "codes".
Typically your browser will identify clearly which sites are secured.
You can see that we at UPstudio use HTTPS...
We are fortunate enough that our website host provides us an SSL Certification as part of our monthly subscription fee, thank you Shopify. It is however something that each store must activate. We recently received an e-mail from Shopify saying that all stores are required to activate their SSL Certificate and migrate to HTTPS by March 1st, 2017, or it will be done by Shopify automatically. For directions to activate, click here.
During the activation process you are required to fix any errors that prevent the encryption process. In short, all links found on your website must be to other secure (or https://) websites. You will be required to fix these "mix content errors". Shopify provides some guidance to aid in understanding and fixing the errors found.
When we were upgrading we kept being directed to pages where we couldn't find any errors, all content and links were referencing secure locations. We finally figured out that it was our newsletter sign up, which is in the footer of our website template, and therefore shows up on all pages. So this lesson learned is for all of those Shopify stores using MailChimp as their newsletter provider that are having issues with activating their SSL Certification. There is a very simple fix that worked for us.
When we first set up our theme and included a newsletter sign up in the footer we followed the directions at the bottom of this page to provide the MailChimp form action url. Which meant that the url we entered appeared like this:
The simple fix is to just add "https:" in front of the provided form action URL, so that it appears as follows:
It is that easy!
For more lessons learned, click here to view our blog series. Have any questions for us about how we approached/accomplished something? Comment below or contact us, we are firm believers of collaboration over competition.