Mixed Content error for Full SSL certificate

I use Full SSL certificate. When I try to upload image in my Wordpress site from usuall user (no admin) I get error:
Mixed Content: The page at ‘https://mysite.com/avatar/’ was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ‘http://mysite.com/’. This request has been blocked; the content must be served over HTTPS.

I enable options " Always Use HTTPS" and “Automatic HTTPS Rewrites”. I also use plugin “SSL Insecure Content Fixer” and get search and replace “http://mysite.com” to “https://mysite.com” with plugin “Better Search Replace” . This all doesnt help me.

Any external ressources or links?

What do you mean?

Something on that page is trying to load over HTTP. It’s possible you’re linking to an external image using an HTTP URL instead of HTTPS. This does not seem to be the case, as the link you posted refers to your own site.

If you post the URL of that page, we can take a closer look. Otherwise, test that URL with this tool:
https://www.whynopadlock.com

On my sites, I always add the following to my .htaccess file:
Header always set Content-Security-Policy: upgrade-insecure-requests

Problem on this page:
when I try to upload avatar.

Login page:
User:
Password:

Something buried in that process is trying to make an HTTP call. Have you tried adding that Header line to your .htaccess file?

Its my .htacces file:

Problem was solve. The problem was in my function file.

This topic was automatically closed after 30 days. New replies are no longer allowed.