Today we have a rather big update from the backend to announce, as Shivtr has moved entirely to https and now uses SSL throughout our service =)
SSL For Shivtr Subdomains
If you use an official Shivtr subdomain for your site, such as *.shivtr.com or *.wowhordes.com, your site is now served over https by default, and will show the green secure lock in browsers =)
SSL For Custom Domains
If you use your own custom domain name for your site and are on the Epic or higher plan, you can now request an SSL cert for your domain name, and we can apply it for you. A note that you can do this has been added in our features page.
SSL Lock has a warning?
Though your site now should show the green lock, you may encounter an issue where the lock is grey or has a warning with it, saying not all content is served over https.
If you run into this, it is likely due to you including images on your site that are not served over https (for example by linking to an external image in a forum post or news entry). Updating these paths to be served over https will resolve this.
The easiest way to fix this is to use Google Chrome and right click on your page and go to Inspect, then go to the Security tab, you should see it mention Mixed Content. Then reload the page with this open, and it will show you the exact images you need to update.
Domain Names may no longer have "." in them
To support https with our subdomains, you may no longer use a "." in your domain name. The reason for this is because our SSL certs are for *.domain.com, such as *.shivtr.red or *.tyriaguilds.com. If your guild domain was "my.epic.guild.shivtr.com", this would not match the certificate and throw an invalid certificate error in the browser. An easy fix would be to update this example to my-epic-guild.shivtr.com
Bugfixes
- Bank members who are inactive/deleted will no longer show in the Members tab of the Bank.
- WoW Profiles have been fixed to work with updated stats
- Several CSS fixes have been made to the Glare/Scrime themes.
- The image gallery got a fix to its storage calculations to ensure they are correct
That's all for this update. Happy Gaming =)
26 Comments
I fixed some broken image links and a few other little bits and pieces to do with my own customisations but there are a few I can't do anything about:
The YouTube tag is converting https links into http so they don't show up. Example:
https://strokemywookie.com/news_entries/420425
Also getting a bunch of font errors from the auto-generated JS file:
guild-f52fe56e895f1536cb2f2e791dc81354.js
...
"Blocked loading mixed active content βhttp://fonts.googleapis.com/css?family=Play:400,700β"
A bunch of errors with the Pusher service as well:
Firefox canβt establish a connection to the server at wss://slanger.shivtr.com/app/2fbf10893c6659dbd1e0?protocol=5&client=js&version=1.12.1&flash=false.
The connection to wss://slanger.shivtr.com/app/2fbf10893c6659dbd1e0?protocol=5&client=js&version=1.12.1&flash=false was interrupted while the page was loading.
Pusher : Error : {"type":"WebSocketError","error":{"isTrusted":true}}
The maps page doesn't load the map:
https://strokemywookie.com/members/google_map
Loading failed for the <script> with source βhttp://maps.googleapis.com/maps/api/js?key=AIzaSyC5GV5rP-nrVVkBgj5n2lA90c-SdNlPTfY&sensor=falseβ
ReferenceError: google is not defined
Sorry, I know it sucks to see a wall of issues like that. When I started it was just a couple of things I noticed on the front page but then I went through the entire sites main menu and list kinda ballooned!
P.S. I used the Pusher service in a project recently, was very cool moment when the two clients were able to see each other π
Checking on the pusher fix, will report back once its resolved =)
Loading mixed (insecure) display content βhttp://s3.amazonaws.com/s3.mmoguildsites.com/s3/member_avatars/2171627/original.jpg?1494342240β on a secure page
With a single page reload I will see the same error message multiple times for each profile image. It seems to vary, one image is generating 5 warnings, another 4 and another 3.
I see more of the messages if I have clicked the person button and the bottom left panel with all their names is displayed but even if I don't do that and it remains closed I still see a few of the warnings.
Not sure why this didn't show up in my testing last night.
Totally getting there, you're doing an ace job with the transition π
Heh, you're going to hate me but I'm still getting some font issues. This could be due to my hosts file though (I use the MVP list):
Blocked loading mixed active content βhttp://fonts.gstatic.com/s/play/v9/6ae84K2oVqwItm4TCpAy2g.woff2β
guild-c6a0b6f863451dcad72cfdd1e194f5d7.js:3:3097
I get 6 of those errors on each page. Each is the same as above, just the file names are different. Here are the files:
- http://fonts.gstatic.com/s/play/v9/6ae84K2oVqwItm4TCpAy2g.woff2
- http://d2gw6tq9urx11o.cloudfront.net/assets/Noci12-95f2012e0f142fe26f9ee0abdf65e0a8.woff
- http://fonts.gstatic.com/s/play/v9/6aez4K2oVqwIvtU2Hw.woff2
- http://d2gw6tq9urx11o.cloudfront.net/assets/Noci20-7c9cfe41cef7132a370efa1e1f2b03cb.woff
- http://d2gw6tq9urx11o.cloudfront.net/assets/Noci16-e53df16c00ff97ab68cf33c4541ab7c7.woff
- http://www.thesidh.it/templates/ja_methys/fonts/bebas_neue/bebasneue-webfont.woff
What's even weirder is if I open the homepage I see the same 6 errors repeated 3 times in the same order (so 18 error lines in total).Visually, the site is once again showing the correct fonts including Play so not sure why it's complaining that it can't be loaded.
Because when I visit https://strokemywookie.com/ I see the green lock, and don't see these errors in the console...
Our fonts should be loaded over https now when chosen in the theme editor; on my test site at https://8toes.shivtr.com/ loading Play font seems fine with green lock as well.
This line:
http://www.thesidh.it/templates/ja_methys/fonts/bebas_neue/bebasneue-webfont.woffSeems definitely to not be from us; so perhaps somewhere else is loading or changing these fonts? (tho visiting your site as a guest is showing green lock for me)
I checked IE, Edge, Opera, Chrome and FF and it only seems to be FF giving those messages. I think it's trying to be clever but failing. I have a several FF browser instances open and each has several tabs. So one instance is the ever growing selection of docs I have to read, another has the tabs for the site I'm working on etc etc. One instance is all the pending guild related tasks I have to do, so about 15 tabs. Some of those are unsaved site posts so I haven't refreshed the tabs since you implemented the update. My totally "out there" guess is that the new tab in this other instance is trying to load assets or somehow linked to the other older tabs in the other instance. Like I said in the previous post, visually everything looks fine to me so I'll just ignore the messages and take it as motivation to chew through some more guild-work next time I take a break from work-work π
Thanks for looking into it, apart from FF being naughty it seems everything is hunky-dory, good job π
Out of curiosity, any ETA on that mobile responsive update? I'm super stacked with the things I'm working on so I'm kinda nervous about logging in and finding you've gone live with it when I don't have time to update the theme. At the same time though, it's exciting that you're doing it π
For the mobile update, its pretty big as shivtr has many sections; so its a few months away at least =)
Thanks for the ETA, it lets me plan my time out better π
https://strokemywookie.com/forum_threads/2827917
Dalgen, the first reply was deactivated a few weeks ago and his profile image still has the insecure path.
(our cache should fully clear out old ones soon, we set expiry for 1 week, and while it can last longer, it usually gets cleared shortly after due to new content taking the spot)
Non-secure origins
http://static-assets.shivtr.com
Mixed Content: The page at 'https://thedraeneifellowship.shivtr.com/gallery' was loaded over HTTPS, but requested an insecure image 'http://static-assets.shivtr.com/images/promo/noise/728x90.jpg'. This content should also be served over HTTPS.
Otherwise, great job fixing bugs and cleaning things up! I love Shivtr.
It would be very nice if event calendar had these abilities:
- Ability to export an event from event calendar to Google calendar and/or iCal format.
- Ability to see a summary of all the events one has signed up for.
- Ability to have notifications send to email (x hours/minutes) before the event one has signed up for is about to start.
I've got three requests:
In the Layout Manager could you let us have more than one text/HTML block in the center column please? To show what I mean, I added a HTML and a Text block to the bottom of the About Us page. Neither show up. It doesn't matter if one is deleted or the order reversed. Only the main content block is visible. This only affects the center column. The home page seems to work differently and I can add as many text/HTML blocks as I want and they all show up.
The second request is for an addition to the Forums side block. It would be great if we could pick a specific forum to show newest posts from. An example of its usage is that we have a Raid Squad Recruitment forum. Each raid team creates a new thread when they are recruiting and any random raiders that want to join a team do the same. It would be nice if those posts could be displayed in our sites sidebar.
The third is an automatic event countdown side block. It would show a list of events and a countdown till their start time. Icing on the cake would be if we could hide certain events from it, maybe a new tickbox on the event page "Hide from event tracker". The calendar at the top of our site shows the kind of events to hide: https://strokemywookie.com most of the darker faded out events are for our progression raid teams. No point displaying those in the event countdown. I think this would help with the various timezone issues. Despite us posting a link for people to set their timezone on the website on all new applications there is still a fair few people who get it wrong. Gets even crazier when we switch between GMT and BST π
If you were logged in you could add your comments to the discussion!