Welcome to WebmasterWorld Guest from

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

Images Not Displayed Only When Using SSL -Help?

Images Not Displayed Only When Using HTTPS, but OK Using HTTP



10:52 pm on Nov 5, 2007 (gmt 0)

5+ Year Member

Created new web site and everything works perfect under the HTTP: URL, but when I change it to the HTTPS: URL, the images (and style sheet) don't appear.

The server logs report:
"GET /images/photo.jpg HTTP/1.1" 403 219 "https://www.mydomain.com"
"GET /css/stylesheet.css HTTP/1.1" 403 219 "https://www.mydomain.com"

But, everything looks PERFECT using the [mydomain.com...] (and gives a 200 code in server log)

I've seen others with a similar problem, but they are using specific shopping carts. For the moment, this is just an ordinary page with a couple images with an SSL. (Eventually it will be an e-commerce site).

(This is a GoDaddy Virtual Dedicated server running Apache 2.2 & Fedora Core 6 + mod_ssl 2.2. I have FULL access to all files and directories on this server.)

I'm gonna bet this is probably just a simple configuration file setting, but I'm kinda lost where to go from here. I think I understand that the request must be an HTTPS request and not an HTTP request, and the log files report an HTTP request. I've changed the URL in the web page to directly call the link as
(ex: [mydomain.com...] but it doesn't fix it and the server logs still show 403 errors.

Somehow I need to change the HTTP request to an HTTPS request, right? If so, How? Maybe it's a permission setting? It's something stupid and simple, I just know it!

Thanks in advance!

~Mike (SSL newbie)


6:05 pm on Nov 6, 2007 (gmt 0)

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

Anybody here who does SSL on GD and can help out?

A lot depends on just how GD configures your SSL versus non-SSL server...



8:19 pm on Nov 6, 2007 (gmt 0)

10+ Year Member

I do not know anything about Godaddy, but I have been down the route of putting both http: & https: on the same domain, and it is a mistake. Create a subdomain for your https: & save yourself a lot of grief.



10:50 pm on Nov 6, 2007 (gmt 0)

5+ Year Member

What's the best way to do this?

Are you suggesting having something like this:


where a URL of [mydomain.com...] would redirect (using .htaccess) back to [subdomain.mydomain.com?...]

Could this work?

I've already got the domain and certificate set up, but I'm sure I could change it. I'm assuming it would have to be re-issued.

Thanks for the input.


12:57 am on Nov 7, 2007 (gmt 0)

5+ Year Member


Within my lengthy and elaborate .htaccess file to keep my new server protected from all the infidels and hoodlums on the Internet who have way too much time on their hands, I created a section to prevent hotlinking images (and .css files -why not?).

In oversight, I defined the RewriteCond as from HTTP and not HTTPS.

(That's what I get for being new to SSL's, huh?)

So, here's a big Homer Simpson D'oh! going out from me to everyone who pondered my self-inflicted problem (see: 'typo').

I hope at least someone will be able to learn from my mistake someday (I sure did)!

Thanks for such a GREAT portal! Keep up the good work everyone!


2:07 am on Nov 7, 2007 (gmt 0)

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

You can define it for both http and https simply by starting the referrer-checking pattern with "^https?://" which makes the "s" optional.



Featured Threads

Hot Threads This Week

Hot Threads This Month