Closed InclusiveHost closed 8 years ago
JanVoracek
commented
8 years ago WP probably cannot detect HTTPS on your webserver (WP function is_ssl returns false). You can try to investigate why this happens (probably some missing HTTP headers). Or I found this plugin that should fix it – https://wordpress.org/plugins/ssl-insecure-content-fixer/.
InclusiveHost
commented
8 years ago Thank you, the plugin you suggested did the trick. I had to change how Wordpress detects HTTPS pages to use "HTTP_X_FORWARDED_PROTO (e.g. load balancer, reverse proxy, NginX)"
borekb
commented
8 years ago Cool, glad it helped. Can we close the ticket?
InclusiveHost
commented
8 years ago Indeed we can :)
ghost
commented
6 years ago mod_security error 403 ON access
Our WordPress-powered website operates completely in HTTPS mode, including the Dashboard. Unfortunately this causes the VersionPress page to not load properly. In Google Chrome, the following errors appear in the Console:
Mixed Content: The page at 'https://www.inclusivehost.com/wp-admin/admin.php?page=versionpress#/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://www.inclusivehost.com/vp-json/versionpress/display-welcome-panel'. This request has been blocked; the content must be served over HTTPS. Mixed Content: The page at 'https://www.inclusivehost.com/wp-admin/admin.php?page=versionpress#/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://www.inclusivehost.com/vp-json/versionpress/commits?page=0'. This request has been blocked; the content must be served over HTTPS.
It would seem that these URLs are loaded insecurely from the following JavaScript:
https://www.inclusivehost.com/wp-content/plugins/versionpress/admin/public/gui/app.js?ver=4.3.1
How can this be resolved?