display posts shortcode broken
-
Hi, I have been using this shortcode for awhile to create an excerpt of author bios below their work published to our site. Up until recently it was working fine but now when I publish a post using the shortcode, the link that appears in the excerpt is https so anyone who clicks on it is receiving the security warning that says our site may be trying to steal your content, etc…
It does not happen every single time and it is in fact rather unstable behavior because this past week several posts would be fine one day – no https issues and then the very next day the link would be an https link showing our readers that awful error message. I am really worried that people will think the site is unsafe now. It’s basically the same https error code you get because the domain points to wp servers and not the domain name, which by the way I have had constant issues with since the blog became public in 2012 (when is that no longer going to be an issue?) Anyway, I really need someone to respond who is actually going to help and take the issue seriously – not someone who is just going to say <i>well then don’t use the shortcode.</i> That answer is unacceptable and I see too many responses like that here which is not helpful nor addressing the problem Screen shots are available…P.S. Cache / history cleared – no change
Checked site in alternate search engines: chrome, firefox, ie – no change
when viewed from post editor the permalink to the excerpted post is not an https link and preview is fine (??)Please help.
The blog I need help with is: (visible only to logged in users)
-
Staff have been implementing the more secure https on on our blogs and that is giving rise to your issue. Note this HTTPS support doc, http://en.support.wordpress.com/https/ SSL certificates need to be signed to a specific domain, and Staff can’t provide certificates for every mapped domain, so our certificate is signed for WordPress.com. To access your site without a certificate error we use the HTTP version of your site’s URL. http://en.support.wordpress.com/https/#frequently-asked-questions
As you are experiencing trouble with this I tagged this thread for Staff assistance. Please subscribe to it so you are notified when they respond. To subscribe look in the sidebar of this thread, find the subscribe to topics link and click it.
-
-
You can see it at the bottom of any one of the posts on this page – where the excerpt author bio is…
http://snappingtwig.com/category/poetry/Thank you for your time and assistance.
-
@timethief thanks for your help. I have followed the instructions in the support docs several times with no fix, and I would so appreciate some solution to this issue because wp users are not the only ones who see these security error messages when they occur. Logged out users, followers and readers get hit with this message as well which is why I see this as a big cause for concern since any non-wp user will not understand that there is no legitimate site threat and I think it is thus a big issue – not something that should be taken lightly. We have lots of readers who aren’t wp users and I would prefer not to lose readership because of this problem. Thanks for your time and assistance.
-
Hi there!
The only way I was able to get a security warning to pop up was when I visited your site using https:
Because you have a custom domain, starting your site’s links with https will display a security warning.
http://en.support.wordpress.com/https/
I don’t see any error when the domain starts with http though, even on on of the posts using the Display Posts shortcode.
http://snappingtwig.com/2015/02/25/landscaping-in-betweenness/
This doesn’t look like an issue with our shortcode. You’ll need to make sure when you share links to your site, you use http instead of https.
Let me know if you have any more questions!
-
I just want to mention, I did an SSL Configuration scan at godaddy which grades the encryption (among other things) and got the worst score possible – one of them being that the dns and domain do not match. I don’t know how to fix these issues since I bought my domain through wordpress its a wp hosted site but one consequence of this low score is strong browser warning messages. Please if there is any way to upgrade this issue to high priority I would really appreciate it. I am concerned about posting to the site until this is resolved and we run a new magazine so can’t afford to lose readers right now. Thanks
-
But the links do not start with https – that is what I am saying. I have a post waiting in draft right now which I have not published yet because the link created by the display posts shortcode is currently showing as https which means once published anyone who clicks on it will receive that security warning. But if you want me to publish it so you can see that the link it creates is https and not http – then I am happy to do that now. Link to follow next…
-
Here, look – scroll down to the excerpt where the author’s name is a link and hover over it – it is an https link – when I click on it I am not receiving the error message now for some reason but when you hover over it your browser page will show you it appears as https (bottom left hand corner is where it usually appears). I think since when you click on it (THIS TIME) it goes to a page that is not actually https, it is not showing the warning. But I have been receiving non stop warning messages as well as other users so IT IS an issue. If I keep posting I guarantee I will run into it and have screen shots from two days ago so do you need those or what can I do to prove that there is actually a problem?
-
-
Just to confirm – I am NOT sharing links and I am not using https – if you guys ignore this, that is going to cause a much bigger issue. Please do not pass this off as nothing or as me being a beginner user who doesn’t know what they are talking about. There IS a problem and it is going on in wp. Please do not disappear.
-
I am referring to the link that are created by the shortcode so how it could not have anything to do with the shortcode??
-
You can also see the hideous report from the ssl checker here if you’re interested… https://sslcheck.casecurity.org/en_US/sslcheck?host=snappingtwig.com click on more details to see why it received this score.
-
Let’s take a step back.
When you connect to your Dashboard over an HTTPS connection, we use an SSL certificate to encrypt your connection. SSL certificates need to be signed to a specific domain, and we can’t provide certificates for every mapped domain, so our certificate is signed for WordPress.com. This means your while your snappingtwig.wordpress.com domain does has an SSL certificate, your mapped domain, snappingtwig.com does not.
You can read more about that here.
https://en.support.wordpress.com/https/
That’s what Shawna meant when she said the issue wasn’t connected to the shortcode.
Also, just to be clear, when I click the link you provided
http://snappingtwig.com/2015/02/28/water-at-stone/
I don’t get any SSL warnings at all.
-
Yes, I know you are not getting the error messages NOW because I have corrected all of them over and over and over again. I basically had to edit the posts until the link was correct. I have freaking screen shots and I am the customer. I don’t know why I have to remind you of that. in other words – stop arguing with me about there not being a problem. I had to battle it ALL week.
Thanks SO much for your Incredibly helpful support!!!
-
-
Is there anyone inside WP that takes their users seriously? When they are hired, can you please have them contact me? Thank you so much.
-
These are our support options http://en.support.wordpress.com/help-support-options/
This is a peer support forum where Staff and Volunteers work together cooperatively to provide WordPress.com support. Volunteers answer the majority of all support questions and when we cannot provide support we tag threads for Staff assistance.
Every Volunteer and every Staff member here take what all of our bloggers have to say seriously. In this regard ie. when it comes to feedback and getting technical support those bloggers who have paid for upgrades like you have for your blog and like I have for my blogs are not special. That’s because we get exactly what we pay for when we purchase any upgrade, so playing that card is not going to change the fact that SSL encryption is not yet available for domain mapped WordPress.COM blogs just as I stated here https://en.forums.wordpress.com/topic/what-to-do-if-someone-has-copied-my-site-and-republished-without-my-consent?replies=14#post-2289814
Your tenor and tone in forum threads like this one and this other one https://en.forums.wordpress.com/topic/what-to-do-if-someone-has-copied-my-site-and-republished-without-my-consent?replies=14#post-2289821 may indicate that you may feel you will be better served by hiring a web host http://wordpress.org/hosting and setting up a wordpress.ORG install. Read the differences here please https://en.support.wordpress.com/com-vs-org/
-
Wait a second, let me just say that I do not think that my tone is out of line. I have every right to defend my unhappiness with this issue as well as with the response I am getting from this forum which has been less than helpful so please why don’t you let someone else respond because you alone are actually making this situation much worse and I would prefer if someone else helped me. Thank you for your time.
-
you alone are actually making this situation much worse
Nothing I posted in either thread you created on this https security issue has made any impact at all on the fact that SSL encryption is not yet available for domain mapped WordPress.COM blogs.
Moreover, as you have an upgrade you can use the support options http://en.support.wordpress.com/help-support-options/ where is clearly states:
If you have a paid upgrade, please use the “Contact Support” form, where you will receive a choice of having staff answer your question publicly or privately.
- The topic ‘display posts shortcode broken’ is closed to new replies.
WordPress.com Forums 