PLEASE NOTE: These forums are no longer utilized and are provided as an archive for informational purposes only. All support issues will be handled via email using our support ticket system. For more detailed information on this change, please see this blog post.

How can I get the forms to submit via HTTPS / SSL ?

  1. Like in wp-config.php, the ability to specify that wp-login.php use SSL when logging into wp-admin ... How do I get JUST the form(s) on the page to be SSL if the whole page is served HTTP / non-SSL ?

    Posted 12 years ago on Tuesday June 5, 2012 | Permalink
  2. David Peralty

    I don't think there is any way currently to do that. There is no setting currently in Gravity Forms to help force a single page to be SSL, neither is there a setting or hook to do so within WordPress. You might want to look at some SSL plugins to see if they offer a single page option, but beyond that, I'm sorry, I don't know of an easy way.

    Posted 12 years ago on Tuesday June 5, 2012 | Permalink
  3. Can this be an enhancement request please?

    Posted 12 years ago on Tuesday June 5, 2012 | Permalink
  4. I used the wordpress https plugin and it was very easy to simply check Secure Post or Secure Child Posts on the edit page screen of the page where my form is located. http://mvied.com/projects/wordpress-https/

    Posted 12 years ago on Tuesday June 5, 2012 | Permalink
  5. David Peralty

    I wondered if that plugin had it available, but I'm swamped with requests today and didn't have a chance to look. Thanks inchwormwv.

    Posted 12 years ago on Tuesday June 5, 2012 | Permalink
  6. I am aware of ways the ENTIRE page can be served HTTPS / SSL, but I am asking if the page can be served via HTTP and the form -- JUST the form -- can be HTTPS / SSL... the way you can login to WordPress at http://site.com/wp-admin/ but the actual login form behind the scenes is https://site.com/wp-login.php

    That's what I want.

    Thank you.

    Posted 12 years ago on Tuesday June 5, 2012 | Permalink
  7. David Peralty

    You can't serve part of a page through HTTPS/SSL. As you can see, the entire login form page is HTTPS. You can set a page with a form to be HTTPS as well.

    Posted 12 years ago on Tuesday June 5, 2012 | Permalink
  8. You can't do this the way Gravity Forms works. In order for the form submission to be secure, the page must be secure.

    Yes you can make a form post securely by making the action post to an https:// URL but that is not the way Gravity Forms works. Gravity Forms uses the current page URL as the form action. So if the current page URL is not https:// then the form action will not be http://.

    Because of this, the page loading a form that should be displayed and processed securely must be loaded via https://.

    On top of this, users are conditioned not to submit secure information such as credit card data if the page is not secure. Making the form action secure itself doesn't satisfy this conditioning because they don't know the form is going to load securely, they will look at their browser and see that the current page is not secure... which would (and should) then make them weary about submitting the form with their credit card information.

    It's far better to load the page containing the order form securely from a usability standpoint and this is why Gravity Forms behaves this way.

    Posted 12 years ago on Wednesday June 6, 2012 | Permalink