How do I cache images in Activity+ so it doesn't break SSL?

Hi,
I thought I remembered a cache images locally option but I may have been thinking of a different plugin. When I use BuddyPress Activity+ it tends to break the site's SSL verifications since it hotlinks back to the original website, generally non-encrypted since a lot of sites are http. Can it be set to cache the thumbnail images when posting links and videos instead of hot linking, breaking our site's SSL verifications on people's browsers?
Thank you!

  • Adam Czajczyk

    Hey Aurelio,

    I hope you're well today and thank you for your question!

    I don't think actually that's the BuddyPress or BuddyPress Activity+ matter itself. It might be a bit tricky to setup caching for external (hotlinked) images directly via WordPress. The way hotlinking works is that your page informs user's browser of the image location. In fact, this image doesn't go through your server at all, thus it's not being saved anywhere.

    So, first WP (actually, the php script behind it) would have to download the image to your server, then alter the HTML code (just as proxy scripts do) and serve this altered code along with an image to the end user. Perhaps those plugin will help but I haven't tested them yet and according to the docs they work only for posts:

    https://wordpress.org/plugins/import-external-images/

    https://wordpress.org/plugins/auto-upload-images/

    Otherwise it will probably require a custom job. You may ask for custom job on our Job Board here:

    https://premium.wpmudev.org/wordpress-development/

    I hope that helps!

    Cheers,
    Adam

  • Aurelio

    I tried both of them and Activity+ is still setting up the link thumbnail as serving the thumbnail directly from the remote server, breaking the SSL of the activity page.
    Was this ever an option on the BuddyPress Activity+ plugin? I saw an option to upload images locally in it or a similar plugin I was using before I'm pretty sure, but had taking the feature off. Maybe hot linking isn't the right word. I mean the image that gets posted when people put links in the Activity+ post links is actually a link to an image from an external server, so when you choose a thumbnail it is pulling it from elsewhere. In this case it is the links are to http sites that break our SSL. When someone posts a link to an http site, we get browser warnings from the thumbnail so the plugin cannot be used on an https site without breaking it if someone posts a link to an http site and chooses a thumbnail. The resulting posts has an insecure element that will show the site's ssl broken in browsers. I am almost sure I saw this option before but maybe it was a different plugin. Can it be a feature request then, to not server the thumbnails from the remote servers when someone posts a link? It will break any site that uses SSL when people post links from http sites and choose a thumbnail, as-is. thank you!

  • Adam Czajczyk

    Hey Aurelio,

    I hope you're well today!

    As I said before, the issue here is that those images are on external servers. There's no easy way (and probably no good one) to automatically download them to your WP library. If they'd be downloaded, they'd be also served through a secure connection.

    If none of the plugins works, the other way would be to try to setup some kind of proxy but I'm not sure if it's allowed by your hosting provider (a lot of providers restrict such activities).

    Surely though, disabling the thumbnails would help, at least partially as the original images would still be served insecurely. One way to disable thumbnails would be to create a custom template without thumbnail. Of course the ability to simply switch thumbnails on/off with a simple click would make a great feature, so please post a feature request on our "Features and feedback" forum if you wish:

    https://premium.wpmudev.org/forums/forum/feature-suggestions

    Hopefully other members of our community will support the idea, thus giving our developers an incentive to include it in one of future releases.

    If you have any further questions, I'll be glad to assist you!

    Cheers,
    Adam

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.