request has been blocked

  • Resolved lmayer1875

    (@lmayer1875)


    5 years, 1 month ago

    Hello,

    I was tasked with building a new webserver so I restored a backup of production to the new one. I then installed an SSL certificate in IIS and told wordpress to show site in HTTPS. Now when we run the page it gives us the message secure content cannot be displayed. When I run the developer tools in chrome it tells me:

    Mixed Content: The page at ‘https://web/locations/’ was loaded over HTTPS, but requested an insecure stylesheet ‘http://web/wp-content/uploads/advgb/custom_styles.css?ver=5.1’. This request has been blocked; the content must be served over HTTPS.

    I tried deactivating the plugin and reactivating it and it didn’t help. IS there anything I can do to fix this? Do you have to install the SSL cert first then restore the wordpress website?

    Thanks

    Laura

Viewing 3 replies - 1 through 3 (of 3 total)
  • G Michael VanTassle

    (@oathcoaching)

    5 years, 1 month ago

    That sounds like your site is misconfigured. You may need to have your WordPress site “rewrite” all URLs to force them to https. Are you able to manually change the webserver configuration? If so, look for the file named .htaccess in the root directory of your website location (in my setup, it’s in public_html) and have it edited to include the following information. For the first set, that’s to force everything over to SSL, and the second one is to help block scripted hack attempts for your website:

    # BEGIN GD-SSL
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_USER_AGENT} ^(.+)$
RewriteCond %{SERVER_NAME} ^oath\.coach$ [OR]
RewriteCond %{SERVER_NAME} ^www\.oath\.coach$
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
Header add Strict-Transport-Security "max-age=300"
</IfModule>
# END GD-SSL

# Block the include-only files.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>
    Thread Starter lmayer1875

    (@lmayer1875)

    5 years, 1 month ago

    Thanks for that but it didn’t help. It appears to be a problem with the Advanced Gutenberg plug in not wordpress itself.

    JoomUnited support

    (@viennguyen)

    5 years, 1 month ago

    Hi, you should check and ensure value of the WordPress address and Site address in the page Settings -> General are https://&#8230; . Many peoples forgot to update these settings after installed SSL.
    Cheers,

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘request has been blocked’ is closed to new replies.