Support » Fixing WordPress » Insecure URL due to core css (wp-include/logcurl)

  • Resolved jjk697

    (@jjk697)


    I’m setting up my existing site to use SSL everywhere by changing the WordPress and Site address prefix.

    It works as expected, but I’m getting an Insecure URL error from a Core file:

    wp-includes/logcurl: line 130
    background-image: url(http://none);

    I know not to modify Core files, but when I remove that line of code and clear cache/reload the site, it is still there. Can someone advise how to get rid of that insecure URL warning?

Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator Steve Stern

    (@sterndata)

    Support Team Volunteer

    logcurl.php is not a core file. What’s the full path to that file? Are you sure it’s not a theme file?

    I’m using whynopadlock to check for site insecurities and I get:

    Insecure URL: http://none/

    To be fair, I’m only assuming it’s from wp-includes/logcurl because when I grep my entire directory for “//none”, it is the only file that contains the string.

    Moderator Steve Stern

    (@sterndata)

    Support Team Volunteer

    I just grepped a download of wordpress and there’s no string “//none” there.

    What’s the actual file name? if it’s just “logcurl” with no extension, I would assume you’ve been hacked.

    The file is in wp-includes and is called just logcurl. I guess that partially solves the mystery since it shouldn’t be there!

    I’ll consider this a rogue file and investigate further.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Insecure URL due to core css (wp-include/logcurl)’ is closed to new replies.