Mixed Content is the most common issue in an apache website. The perfect solution is, you need to find all urls and replace http with https but it may be time consuming and most probably this solution is at developer's end.
If you want to fix it at apache's end, here is the solution. Atleast you should give a try.
First enable module headers in apache
If you get internal server error, it means header module is not enabled.
If you want to fix it at apache's end, here is the solution. Atleast you should give a try.
First enable module headers in apache
sudo a2enmod headers
sudo service apache2 reload
Now add the line in virtualhost, your 443 port virtualhost where you have defined ssl keys. People add it in 80 port virtual host and complains it does not work.
Header always set Content-Security-Policy "upgrade-insecure-requests;
If you do not have virtualhost access, add the line in .htaccessHeader always set Content-Security-Policy "upgrade-insecure-requests;
Now check the urls in updated version of firefox / chrome / your browser.If you get internal server error, it means header module is not enabled.
No comments:
Post a Comment