Support » Fixing WordPress » Insecure URL due to core css (wp-include/logcurl)

  • Resolved jjk697


    I’m setting up my existing site to use SSL everywhere by changing the WordPress and Site address prefix.

    It works as expected, but I’m getting an Insecure URL error from a Core file:

    wp-includes/logcurl: line 130
    background-image: url(http://none);

    I know not to modify Core files, but when I remove that line of code and clear cache/reload the site, it is still there. Can someone advise how to get rid of that insecure URL warning?

Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator Steve Stern


    Support Team Volunteer

    logcurl.php is not a core file. What’s the full path to that file? Are you sure it’s not a theme file?

    I’m using whynopadlock to check for site insecurities and I get:

    Insecure URL: http://none/

    To be fair, I’m only assuming it’s from wp-includes/logcurl because when I grep my entire directory for “//none”, it is the only file that contains the string.

    Moderator Steve Stern


    Support Team Volunteer

    I just grepped a download of wordpress and there’s no string “//none” there.

    What’s the actual file name? if it’s just “logcurl” with no extension, I would assume you’ve been hacked.

    The file is in wp-includes and is called just logcurl. I guess that partially solves the mystery since it shouldn’t be there!

    I’ll consider this a rogue file and investigate further.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Insecure URL due to core css (wp-include/logcurl)’ is closed to new replies.