localhost using HTTPS
-
Since I first created a WordPress project on my local PC, it has run perfectly well as a testing site. Now, all of a sudden, resources are not being loaded causing the site to fail and make testing it impossible.
On inspecting the site on the Console tab, I see the following:
Failed to load resource: net::ERR_CONNECTION_REFUSED
/devproject/wp-content/themes/oceanwp-child/assets/css/frontpage.css?ver1.3:1When I hover over the file name, it is prefixed by https://localhost/
I’m assuming the https is the problem because localhost does not have a secure certificate.I have entered the following URL into Chrome, and set ‘Allow invalid certificates’ to ‘enabled’, but the problem is still unresolved.
chrome://flags/#allow-insecure-localhost
Allow invalid certificates for resources loaded from localhost EnabledI have done extensive googling and not found a solution to this yet. Is it possible to force Chrome to treat localhost as an http site and so load the resources.
Any advice would be appreciated as I have wasted a good amount of time on this so far.
-
Could you check your database, table
wp_optionsfor the keyshomeandsiteurlto see if they havehttps://in the value?Also please share the contents of your
.htaccessfile found in the root of your installation folder if you have it.Finally, have you installed any SSL plugin or have done any other configuration that you can think of in between when it was working and when it started not working?
Thanks for replying. In answer to your suggestions:
Both home and siteurl in wp_options are set to https://localhost/devproject
I have done nothing with SSL on my laptop. It was working fine until Friday. I’m guessing a Windows update was when it stopped working. The app successfully runs on 2 hosting sites that are set up with SSL.
The .htaccess file is as follows: I added the 3 lines at the top to see if it would help, but it didn’t.
# Redirect HTTPS to HTTP
RewriteCond %{HTTP:X-Forwarded-Proto} =https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]# BEGIN WordPress
# The directives (lines) betweenBEGIN WordPressandEND WordPressare
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /devproject/
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /devproject/index.php [L]
</IfModule># END WordPress
I’ve even hardcoded https://localhost/devproject into the src attributes for the resources, but inspect always shows them as being converted to ‘https’ giving me the error.
Interestingly, if I type the url of the resource into the browser, I get the same error message with https:// appearing in the url. I’ve cleared various Chrome settings and did get it to display the resource one time but then it quickly reverted to giving me the error again. I found it did the same for other browsers including IE and Firefox.
https://localhost/devproject/wp-content/themes/oceanwp-child/assets/css/frontpage.css
This site can’t be reached
localhost refused to connect.
ERR_CONNECTION_REFUSED
I’ve done what you asked, exported it into a har file and pasted it into here. Note devproject was just the name in the examples I used. It is using chfootball in the code because that is the real name of the project folder. Not sure if this tells us anything…
although: “name”: “Upgrade-Insecure-Requests”, looks a bit ominous.
[ SNIP! ]
This only started happening on Friday, and so somewhere, this value has been srt, but as yet, I have not been able to determine where. I would have expected this to originate from the Apache settings but I can find nothing in the configuration file that relates to this.
I think the answer is here somewhere, but I haven’t figured what I have to do at my end to fix this yet.
https://stackoverflow.com/questions/31950470/what-is-the-upgrade-insecure-requests-http-header
I’ve dumped out the content of my $_SERVER variable and it contains:
[HTTP_UPGRADE_INSECURE_REQUESTS] => 1
Could this be significant? If so, I don’t know how to turn it off because I cannot find a reference to it in my php.ini file. I deleted it in the code, but it made no difference.
The following link seems to accurately represent my problem. still can’t see the solution though.
https://github.com/twitter/secure_headers/issues/348
According to many people, using ‘localhost’ should not cause this problem.
-
This reply was modified 4 years, 10 months ago by
.
-
This reply was modified 4 years, 10 months ago by
-
This reply was modified 4 years, 10 months ago by
-
This reply was modified 4 years, 10 months ago by
-
This reply was modified 4 years, 10 months ago by
-
This reply was modified 4 years, 10 months ago by
I find it disappointing that nobody else has come across this problem and not found a solution to it.
There MUST be some way of informing localhost (running on Apache) NOT to convert requests for resources into HTTPS requests and then refusing to retrieve them.
Putting the following in my httpd-vhosts.conf file
RewriteEngine On
LogLevel alert rewrite:trace6
ErrorLog “C:\Wamp64\logs\rewritelog.txt”resulted in the following being logged:
Unfortunately, I can’t draw conclusions from it.[ SNIP! ]
-
This reply was modified 4 years, 10 months ago by
- The topic ‘localhost using HTTPS’ is closed to new replies.