Generated CSS files are insecure

  • Resolved cjwebdev

    (@cjwebdev)


    3 years, 10 months ago

    We are getting a ‘mixed-content’ content error on our secure site. All Litespeed generated CSS files are linked as insecure (http) and are blocked.

    Both WordPress URLs are set to HTTPS. Ive run a search replace on the database and there are no occurrences of HTTP.

    We also have the Really Simple SSL plugin installed with the mixed-content filter active. Yet still the files are linked as http.

    The only recent change is that the site does use Cloudflare and we recently updated to Cloudflare Pro…

    Any help would be really appreciated.

    CJ

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Support qtwrk

    (@qtwrk)

    Hi,

    Could you please create a php file , with code 

    <?php
require( './wp-load.php' );
echo 'WP CONTENT URL:' . content_url();
echo '<br>';
echo 'LSCWP URL: ' . LITESPEED_STATIC_URL;

    save it at same level as your wp-config.php

    access it by browser, and post output ?

    Best regards,

    Thread Starter cjwebdev

    (@cjwebdev)

    Thanks qtwrk,

    WP CONTENT URL:https://our.domain.com/wp-content
LSCWP URL: https://our.domain.com/wp-content/litespeed

    CJ

    Thread Starter cjwebdev

    (@cjwebdev)

    We are running Litespeed v3.5.2 on WP v5.5.3

    CJ

    Plugin Support qtwrk

    (@qtwrk)

    Hi,

    now that is interesting.

    could you please try this script 

    <?php
require( './wp-load.php' );
echo 'WP CONTENT URL:' . WP_CONTENT_URL;
echo '<br>';
echo 'LSCWP URL: ' . LITESPEED_STATIC_URL;

    run twice , one with really simple SSL , one without it.

    Best regards,

    Thread Starter cjwebdev

    (@cjwebdev)

    Without RSSSL:

    
WP CONTENT URL:https://our.domain.com/wp-content
LSCWP URL: https://our.domain.com/wp-content/litespeed

    With RSSSL:

    
WP CONTENT URL:https://our.domain.com/wp-content
LSCWP URL: https://our.domain.com/wp-content/litespeed

    Now everything is fine – Litespeed CSS is HTTPS. No mixed-content errors.

    Very strange (I bet it’s Cloudflare’s fault)

    Plugin Support qtwrk

    (@qtwrk)

    Hi,

    hmmmm , yeah , strange

    from our code , that litespeed url is defined by

    define( 'LITESPEED_STATIC_URL', WP_CONTENT_URL . '/litespeed' ) ;

    so whatever scheme WP_CONTENT_URL has, it inherits.

    but in your first test, WP URL gives https and LS URL gives http , that’s why I said it’s interesting

    something altered somehwere I think

    Best regards,

    Thread Starter cjwebdev

    (@cjwebdev)

    Thanks for your help in any case.

    I’ll mark this as resolved … but mysterious.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Generated CSS files are insecure’ is closed to new replies.