Support » Fixing WordPress » Site Editor loading insecure resource (http://)

  • The new Site Editor does not want to load for me, only a white page. Even with a clean WordPress install and database the result is the same.

    Browser console shows:
    Mixed Content: The page at 'https://mysite.com/wp/wp-admin/site-editor.php' was loaded over HTTPS, but requested an insecure resource 'http://mysite.com/wp/?_wp-find-template=true'. This request has been blocked; the content must be served over HTTPS.

    URL’s in wp_options both have the correct https address.

    Strangely, i can edit posts and pages and access the template editor from there just fine. Any help would be appreciated. I don’t know where to look.

    Wordpress 5.9 + Twenty Twenty-Two

Viewing 8 replies - 1 through 8 (of 8 total)
  • Did you install WordPress on your local computer? If yes, maybe you’re enforcing force HTTPS redirect in your webserver configuration resulting in Mixed Content issue.

    You can also try clearing your browser’s cache and see if the problem still persists.

    For a quick solution, you can install plugins that automatically redirect all the we HTTP requests to HTTPS requests.

    Thread Starter mmxxi

    (@mmxxi)

    No it’s hosted on a server. Certificate from Let’s Encrypt. And it does have a Force SSL option enabled, but shouldn’t that prevent this issue rather than cause it?

    Are these SSL plugins still necessary? I was hoping to use as few as possible..

    Why would the site editor, and only the site editor, suddenly lose the SSL for no reason on a clean WordPress install? That seems like a WordPress issue.

    The next step I would recommend is to try clearing PHP cache such as OPcache. If you are using a content delivery network such as Cloudflare, you can clear your cache by following this guide.

    Additionally, WordPress hosting often has a special cache feature.

    You can also try the “Purge Varnish”/”Flush Memcache” tool if your hosting provider offers that feature. You can also contact your hosting provider to flush Memcache and Varnish for you if necessary.

    Thread Starter mmxxi

    (@mmxxi)

    OPcache disabled, browser cache cleared.

    It’s not WordPress specific hosting.

    Varnish is for premium users only, and RedisCache has not been enabled.

    It’s always been using/forcing SSL, and the site editor didn’t even exist before this. So I’m not sure why any cache would be the issue. Did i mention it’s the same with a clean installation and database (in a different subfolder)? :/

    • This reply was modified 6 months, 2 weeks ago by mmxxi.
    Thread Starter mmxxi

    (@mmxxi)

    Also, installing a SSL plugin does not help. Not surprising i guess since there isn’t any user content to fix, and the hosting is already forcing SSL.

    I see, I’m sorry, but I can’t help you with that due to how rare and difficult the issue can be reproduced. If you found a solution, I’d be happy if you could share it here.

    Thanks!

    Thread Starter mmxxi

    (@mmxxi)

    Yes i will,

    But are we in agreement that something in Worpress’ coding is doing this, or can it still be something else? Could the ‘Force SSL’ option of my hosting be lacking?

    Thread Starter mmxxi

    (@mmxxi)

    Maybe something can be inferred from the htaccess?

    This is what WP has created for me:

    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    RewriteBase /wp/
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /wp/index.php [L]
    </IfModule>
Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Site Editor loading insecure resource (http://)’ is closed to new replies.