I have wordpress site which was working correctly on apache site before.

https://example.com -> (port 443) -> apache server

However now I installed nginx for reverse proxy.

https://example.com -> (port 443) -> nginx ->(port 8080) -> apache

So now, when accesing wordpress site, there comes the error like this below

The page at '<URL>' was loaded over HTTPS, but requested an insecure script '<URL>'. This request has been blocked; the content must be served over HTTPS

I guess it is because of some files loaded from wordpress does not accept HTTP

How can I solve this? is there any relevant setting in wordpress ?

I can understand the server setting , but wordpress is blackbox for me.

CodePudding user response：

Check your page source and you must be having some external javascript files served over http like

<script src="http://example.com/bla/bla/somefile.js">

This needs to be served over https, like ...

<script src="https://example.com/bla/bla/somefile.js">

If you check using chromes developer tool you will find out easily which of your javascript files are loaded over example.com . This needs to be fixed in code. You should include any external javascript over https protocol to get rid of that warning.

Hope that helps.

CodePudding user response：

You can take HTTP/S back with a few simple SQLs:

UPDATE wp_options SET option_value = replace(option_value, 'http://example.com', 'https://example.com') WHERE option_name = 'home' OR option_name = 'siteurl';
UPDATE wp_posts SET guid = REPLACE (guid, 'http://example.com', 'https://example.com');
UPDATE wp_posts SET post_content = REPLACE (post_content, 'http://example.com', 'https://example.com');
UPDATE wp_postmeta SET meta_value = REPLACE (meta_value, 'http://example.com','https://example.com');

But be careful, not all scripts support the HTTP protocol, as already mentioned.