The browser says a client-managed site is insecure. If I check in Firefox > Media, I can see no files delivered over http://.
If I check https://www.whynopadlock.com/results/11d3f0c2-a944-43c0-922a-92a0cbe7b5c2 it says there are 3 image files delivered over http://
http://www.vivescoal.com.au/wp-content/uploads/2017/06/logo.png
http://www.vivescoal.com.au/wp-content/themes/balance/images/button_icon.png
http://www.vivescoal.com.au/wp-content/themes/balance/images/dark_backgrounds/background9.jpg
I can't find these URLs in the database, nor in the parent theme or child theme.
Help appreciated to see where in the site these files are being called.
Since I cannot add images to comment, I'm adding it here. This is what I see is happening:
The image is called from a different domain, then redirected with a 301 to the non-https version. There is either something wrong in the litespeed configuration or the webserver configuration of that domain. It should not be redirecting https to http.
Related
Instead of genuine Mixed Content issue this seemed like more of a Wordpress issue hence posting here to find a resolution.
I have everything setup to work with https, though there is no valid certificate yet. here is the home page url https://tourpoule.nl. The home page loads but with Mixed content errors which seem to be generated by core Wordpress or theme functions. Attaching image:
Database does not have any url which would start with http://. I already have replaced them using search and replace script.
There is nothing in htaccess file except basic Wordpress setup code. I tried renaming it as well. I cleared all types of cache but still it does not work. The site is using twentytwenty theme and if I comment out css and javascript enque lines, some of the errors disappear but styles and scripts do not load(that is normal I know).
In the view source of page it shows mixed urls, some with https and style and javascript urls without https. see below:
Interestingly if I click a stylesheet url i.e. http://new.tourpoules.nl/wp-content/themes/twentytwenty/style.css?ver=1.0 it redirects to https://new.tourpoules.nl/wp-content/themes/twentytwenty/style.css?ver=1.0
I am not sure what is going on and have got struck. I am not able to reach the client so that we can discuss turning ssl redirection off in nginx for this domain where it is redirecting everything to https if it is not https. Not sure if that is causing issue (I believe it is not as it has nothing to do with Wordpress mechanism to generate urls). Any help or direction is greatly appreciated.
I can see your website is still unsecured, for what it's worth, get yourself letsencrypt ssl.
Back to you question, go to your database, open the wp_options table, change the siteurl item to https://tourpoules.nl and also change the home item to https://tourpoules.nl.
If you have used search and replace DB master script or plugin it will not update inside meta files as well as and check for the function file have you Enqueue with https://
So will be better if you download SQL file and replace with below:
From:
http://new.tourpoules.nl
To
https://new.tourpoules.nl
and re-upload again
I've successfully added SSL on my WordPress website and it's every URL is working well with https URL but there seems all images is missing. In dashboard, all images URL is converted to https URL but in front-end they are not showing any URL it just seems like
Please anyone could help me to solve this issue?
This is likely because the URLs to the images are now http, and may be being blocked by browser security settings. There's a handy plugin I often use to help sort out issues like this called Really Simple SSL:
https://wordpress.org/plugins/really-simple-ssl/
This plugin manages the URLs to include the correct protocol, etc. You may need to change any hard-coded URLs in your theme that do not use https however.
I have a website running in Nginx and Cloudflare. It has several url checks and redirection. For example, when use hits example.com, they will be redirected to example.com/en/, these are done in nginx. In Chrome and Firefox they all work fine, but in Safari, when I hit example.com, it becomes:
http://example.com/en/,%20http://example.com/en/
This is causing 404. Any suggestions?.
This definitely wouldn't be coming from CloudFlare's side unless you've manually created a PageRule to redirect content on your site. If you haven't manually created a PageRule at CloudFlare though you can rule out that as the location/cause of the issue.
If you have created a PageRule at CloudFlare to redirect content I'd suggest opening a support ticket directly with CloudFlare so our support team can review your specific account settings.
p.s. I work at CloudFlare.
I spent my whole day configuring my wordpress website to use cloudflare flexible ssl.
I use WP HTTPS plugin and cloudflare page rule to redirect http to https.
It's working very well on firefox and IE but in chrome it's saying:
The page at 'https://mrbladedesigns.com/' was loaded over HTTPS, but is submitting data to an insecure location at 'http://mrbladedesigns.com/': this content should also be submitted over HTTPS.
One more thing I want to tell you guys that now also my wordpress address and Site address is HTTP in wordpress admin settings
I removed all of the insecure content but have no idea on how to resolve this.
Any help will be appreciated!
Just disable W3 Total Cache, https cloudflare will working fine.
I actually tried this as well but with more success. From your description it sounds like you have an issue with insecure content being loaded. This happens when you load the page via https but content is loaded via http.
The ssl insecure content fixer plugin will help you with most of your problems, but other problems will have to be fixed manually by changing http references in your html code to https.
never mind I fixed it, SSL insecure didn't worked for me, the root cause of this problem was the search bar on my homepage. Here's the fix: under WP HTTPS settings at the end there's an option Secure filters. Just write /?s there and save it! Done!
On a Drupal 6 site we can't figure out why pages, other than the home page, refuse to be accessed in https. Accessing any page on the site, except the home page, immediately redirects back to itself at http.
Apache is correctly setup with a valid SSL certificate.
I'm certain its not the .htaccess file. There's no rewrite rules regarding https or port 443.
I added $conf['https'] = TRUE; to the settings.php
I installed the Secure Page module and configured it to secure the page we want, but it causes a redirection loop ending in a browser error.
No other modules that I can see relate to http vs. https
I can't find any admin settings regarding the base URL that would force this behavior.
I have a lot of experience with server admin, LAMP software, and a little with Drupal, but this one has me stumped. Any hints or suggestions would help me a lot.
Check to see if base url in settings.php is set to the http address. This can cause this behavior.