I have my page and the console shows error:
Mixed Content: The page at 'https://abcde.com/blog' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://abcde.com/?option=com_content&id=0&task=ajax&page=0&lang=pl-PL&extra_page_only=0'. This request has been blocked; the content must be served over HTTPS.
I search in my com_content but there is no reference to http or https
<a href="/index.php?option=com_content&id=<?php echo $this->id;?>&task=<?php echo $this->ajax;?>&page=<?php echo $this->next;?>&lang=<?php echo $this->lang;?>&extra_page_only=<?php echo $this->extra_page_only;?>">
Where should I search for answer? Where is it defined globally to change http:// into // ?
Thank you!
This issue happens when you have an HTTPS redirect in your .htaccess file, but you have not modified your Joomla configuration settings to use HTTPS. As the previous answer stated, you can do that by going to the System -> Global Configuration page, and then clicking on the Server tab, and finally changing the value of "Force HTTPS" to "Entire Site".
Log in to the back end of the website and set System -> Global Configuration -> Server -> Force HTTPS to "Entire Site".
Related
I have a codeigniter project. Recently I deployed it with SSL. And I forced my site to use Https from http by modifying in .htaccess and changed baseurl too. The problem is I have a registration and login form . When changed from http to Https the form doesn't submits and the entry in dB is also not made...,any thing till I wanna change?
Make sure the value of base_url in config.php uses https, i.e.
$config['base_url'] = "https://example.com/";
Usually it because the html try to load non https sources.
You can see the blocked requests on chrome console.
Make sure all your sources (css, js, fonts) are loading with relative urls, anr\or change hard-coded and external links to https
I've a server with 3 Wordpress. With one of them, I've changed (add an "s" after http) two URL in General Settings Wordpress Adress and Site Adress.
Since I've do that, I'had ERR_TO_MANY_REDIRECT error. So I've add theses lines in my wp-config file :
define('WP_HOME','http://www.mywebsite.com/wordpress/');
define('WP_SITEURL','http://www.mywebsite.com/wordpress/');
And now I've an error Mixed Content: The page at '<URL>' was loaded over HTTPS, but requested an insecure script '<URL>'. This request has been blocked; the content must be served over HTTPS.
A lot of files (like CSS) is not recognised and I'can't access to my wp-admin.
I don't know what to do and I don't understand why the problem is on my 3 wordpress if I had change that in one of them...
Can you help me please ?
I've found a solution :
Comment my rules for HTTPS in my .htaccess.
Access to my wp-admin ( I can access now )
Install the plugin SSL Insecure Content Fixer
Now I can access to my different Wordpress in HTTPS
When you host a site on secure domain i.e. (https://) you cannot use insecure URL's in your files (http://) so the options with you are you use SSL on other servers as well.
You can try Certbot for installing SSL certificate on your other servers.
I am facing Mixed content warning when i am trying to load files from http to https.
But now i am planning to move my site from http to https.
I need to know whether files will be loaded from
https -> https
https > http
without any issues.
Thank you.
Short version: YES, you will still face mixed content if the below cases are not treated, even after migration to https.
If you're migrating your website from http to https these are the two cases you need to consider that would still result in mixed content warning :
Your website is on https but you still have absolute paths starting with http:// in the source code ; you need to change them in the code
Your website contains URLs to external resources ( again absolute urls ) and they start with http:// ; in this case you need to check if the 3rd party serves content on https then change the URL accordingly; if not, you could just remove the http:// urls to get rid of the warning ( or make a copy of the resources locally and serve them on https )
Just add the 2 script versions one with http in from and one with https just make sure the https files support https or it won't work still! Or if there on your system just add /file path and if not you can try to have files be //external file path don't add https or http in them!
As said on the title, whenever I log to my admin page in Wordpress I get this notice in console:
Mixed Content: The page at 'https://site-url' was loaded over HTTPS, but requested an insecure favicon 'http://site-url/wp-content/uploads/2017/06/cropped-cropped-logo-square-192x192.png'. This content should also be served over HTTPS.
Also, I tried to load another favicon using Appearance->Customize, but it is still loaded over HTTP.
Is this a Wordpress bug? or how can I solve this so this warning does not appear?
For everyone still searching:
Go to: Settings - General and change http to https in both URLs
I ran a quiz website which is based on PHP-Codeigniter, recently I have added an SSL certificate. I have changed the base_url to start with https, everything was ok unless I started creating a quiz for that js need to do some function but all browser is blocking it.
Error detail:
Mixed Content: The page at 'https://website.com/quiz/index.php/quiz/add_new' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://website.com/quiz/index.php/qbank/get_level_question/0/2'. This request has been blocked; the content must be served over HTTPS.
send # jquery.js:2
jquery.js:2
Note: I can't access the link http link directly to change it to https.
I don't know much about servers/php. I access by website via Cpanel. I can copy and paste codes:)