Hello, I have a WordPress site and it’s proxied in Cloudflare.
The SSL is issued by Cloudflare, and it has been working for a long time.
Now, I don’t know why, it has stopped working, and more strange, only in Chrome browsers.
The website is this one: https://peterpalmer.io
SSL is set to Flexible and always has worked well. Always use HTTP option is disabled, because I have https redirect in WordPress with Really Simple SSL and in the General options of WordPress the WordPress base URL is with https.
What is happening? I don’t know what is happening if this always has worked well, why is failing now?
It may be, but you also set the mode to Full (Strict) without a certificate so we can’t test it anymore.
The error is because you enabled an SSL/TLS mode that requires a valid certificate at your origin to ensure encryption between Cloudflare and the Origin (Which is indeed a good idea to secure your connection).
To resolve this error you can either install a publicly trusted certificate (e.g. Let’s Encrypt) at your origin, or an Origin CA certificate and make the origin listen on HTTP (port 443)
Looks like the ones that Chrome was only warning about are taken care of, but there’s still two that it outright blocks on security grounds
Mixed Content: The page at 'https://peterpalmer.io/' was loaded over HTTPS, but requested an insecure image 'http://peterpalmer.b-cdn.net/wp-content/uploads/2022/06/Peter-barcelona.png.webp'. This request has been blocked; the content must be served over HTTPS.
Mixed Content: The page at 'https://peterpalmer.io/' was loaded over HTTPS, but requested an insecure image 'http://peterpalmer.b-cdn.net/wp-content/uploads/2022/01/IMG_7736-1-scaled.jpg.webp'. This request has been blocked; the content must be served over HTTPS.
are the affected resources.
How to fix this will depend on the setup entirely, it’s pretty tricky to give general advice aside from the tutorial on mixed content