MarketPress SSL issue in dashboard

When MarketPress is activated on my subsite, I cannot edit posts and pages. It logs me off.

  • Predrag Dubajic

    Hi Sean,

    Hope you're doing well.

    I was doing some tests on your installation and I have created a new test site there that has the same plugins active as the subsite that has the issue.
    If you check that subsite (wpmutest) you will see that you can edit pages there properly even when MarketPress plugin is active, so it seems that this is something specific to the gacprrn subsite.

    Do you have any specific redirects configured for that subsite?

    Also, I see that you have Search & Replace plugin installed on your site, did you use that after gacprrn was created, which might have caused something in DB that you changed for that subsite?
    What exactly were you replacing with Search & Replace plugin?

    Best regards,
    Predrag

  • Sean Neely

    Hi:
    I was told by someone on the WPMU support team to use Search & Replace to replace all http with https because we were having an issue with mixed content and another plugin was suggested by another support member that we were using. The second support member thought the search/replace was a better option.

    So, for this particular issue, you're right, I can edit pages...however...it looks like store is still having the mixed content issue. When I go to the store on test site you created (after installing an SSL certificate), I couldn't add products to the cart, etc. (mixed content issue).

    The original proposed fix was with the Really Simple SSL plugin...so, I've just activated that on the new test site...it did NOT fix the store issue and now I am stuck in a login redirect when trying to access the dashboard for this new site.

    Can you help me with that?

    This ticket was based on a third try of fixing the issues with Marketpress + SSL on our sites.

    The screenshot here shows the mixed content error in Marketpress, even though there is an SSL installed. We can edit the pages, etc. on this site, but have NOT activated Really Simple SSL so that we can login to the dashboard.

  • Predrag Dubajic

    Hi Sean,

    I was doing some extensive testing on my end in order to try replicating this issue so we can check what in MarketPress could be causing this but I'm afraid that I was unable to see the issue on my end and adding the product to cart doesn't throw any insecure content issues.
    You can check my test site with Really Simple SSL installed and see that there's no problem with adding the product to cart:
    https://mp3.dubajicp.com/store-2/products/

    There might be some conflict with either your theme or plugins installed.
    Could you please perform conflict test by disabling your other plugins, leaving only MarketPress active, and switching to default WP theme and see if the issue is gone after that.
    That should point us in the right direction.

    Best regards,
    Predrag

  • Sean Neely

    Hey:

    Thanks for the response. I too have done some extensive testing. The latest is that I have created a test site (https://test.leadbank.biz/store/products/), using the Twenty Seventeen theme and have this error reported in console when trying to add products to the cart:

    Failed to load resource: net::ERR_NAME_NOT_RESOLVED

    When you look at the 'resource', it looks like it's trying to access it without the actual domain:

    https://wp-admin/admin-ajax.php?action=mp_update_cart

    Sometimes...not every time...Chrome will allow me to 'load the unsafe script' and I can add the product to the cart...? This happens in every browser though.

    Every plugin currently activated on this site is a WPMU plugin.

    I also cloned this site and then I activate the Really Simple SSL, now, I am no longer able to login to the dashboard of that site (https://test2.leadbank.biz/wp-login.php). It just redirects back to itself with no error, except what you see in console (attached). It looks like there isn't an SSL installed...but there is.

    When I go to the store on the #2 test site, it gives me this error when adding products to the site:

    Mixed Content: The page at 'https://test2.leadbank.biz/store/products/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://wp-admin/admin-ajax.php?action=mp_update_cart'. This request has been blocked; the content must be served over HTTPS.

    Similar error, same result...but a different variation.

    Some more information if helpful: The multisite is hosted on Cloudways and the SSL Certificates are done with Let's Encrypt.

  • Sean Neely

    Hey:

    Okay, I've found one fix in the WPMU support community.

    This is to fix the 'mixed content issue' with Marketpress.

    This fix negates the use of Really Simple CSS to deal with mixed content, so I won't have the login issue in the previous post. Worrisome as that may be, it won't be an issue as I won't be using that plugin.

    This is the post where the solution below was listed.

    Basically, here is the fix:

    In the plugin's code, I have located the code that generates the url for the "Add to Cart" form. In the file: 'marketpress/includes/common/template-functions.php' I have modified the function 'mp_get_ajax_url()' so that it looks like this in shot:

    function mp_get_ajax_url( $path = 'admin-ajax.php' ) {
    $ajax_url = admin_url( $path );
    //code removed
    if( defined( 'DOMAINMAP_BASEFILE' ) ) {
    //code left out
    $schema = is_ssl() ? 'https://' : 'http://';
    if( is_ssl() && force_ssl_admin() ) {
    $schema = 'https://';
    }
    $ajax_url = $schema . $domain . '/wp-admin/' . $path;
    }
    return $ajax_url;
    }