Google Analytics over HTTPS

I recently integrated WordPress with Zen Cart. The effort combined two amazingly powerful platforms into what appears to the visitors as a monolyth site with consistent look and feel. The actual effort is described in detail in this little HOWTO.

Among other things, I used the simple trick of having Zen Cart invoke WordPress footer (footer.php) on every page. So far so good… until I tried to run my fifth live transaction.

I got theat pesky “page contains secure and non-secure elements” warning.

Much code searching caused some minor rewrites and reconfigurations, but the warning was not going away. The pages looked exactly same whether I allowed or disallowed non-secure elements, thus adding to my confusion.

Turned out, it was Google Analytics. By default it loads its tracking script from a non-secure server. To muddy the waters some more, the wonderful Google Analyticator plug-in (yes, I still love it) was not even invoking the script as long as was authenticated as the admin. Excellent feature for data precision this time turned against me.

Bottom line:

  • Yes it is possible to run Google analytics over https. Aminor change in the embedded code takes care of that:
  • None of the existing WordPress plug-ins offer such an option natively (but two minutes with a text editor and a visit to Google FAQ would fix that).
  • If you choose to edit someone else’s plugin, keep in mind that some pluginsalso use javascript to track outgoing links. You will have secure that one as well.

Good luck!

My solution: I made sure that wp_footer is not invoked by my Zen Cart. I’ll have to find a Zen Cart – specific plug-in for that part of the site. Oh well…

About this entry