it wasnt the chatbox, it was unsecure fonts being loaded via http instead of https form a plugin
I installed a new plugin (DVZ secure content) which restricts non secure content (non-https) for avatars, fonts, mycode images, remote avatars, mycode video, etc.
The errors were from a font used from a plugin
so i just manually switched it
But that might be a concern in the future if we install another plugin or theme, or something else that hard coded http into their code.
I installed a new plugin (DVZ secure content) which restricts non secure content (non-https) for avatars, fonts, mycode images, remote avatars, mycode video, etc.
The errors were from a font used from a plugin
Quote:Mixed Content: The page at 'https://python-forum.io/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Ubuntu:400,700'. This request has been blocked; the content must be served over HTTPS.
(index):1 Mixed Content: The page at 'https://python-forum.io/' was loaded over HTTPS, but requested an insecure stylesheet 'http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css'. This request has been blocked; the content must be served over HTTPS.
(index):43 Mixed Content: The page at 'https://python-forum.io/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Ubuntu:400,700'. This request has been blocked; the content must be served over HTTPS.
(index):43 Mixed Content: The page at 'https://python-forum.io/' was loaded over HTTPS, but requested an insecure stylesheet 'http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css'. This request has been blocked; the content must be served over HTTPS.
so i just manually switched it
$ sudo grep -ril http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css [sudo] password for metulburr: cache/themes/theme1/guestwarn.min.css cache/themes/theme1/guestwarn.css inc/plugins/guestwarn.php $ sudo vim cache/themes/theme1/guestwarn.min.css $ sudo vim cache/themes/theme1/guestwarn.css $ sudo vim inc/plugins/guestwarn.php $ sudo grep -ril http://fonts.googleapis.com/css?family=Ubuntu:400,700 $ sudo grep -ril http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css $ sudo grep -ril http://fonts.googleapis.com/css?family=Ubuntu:400,700 $After this my browsers now says the console is clean and no errors, no unsecure content, and fully secure, whereas before it just gave a warning saying it blocked the non secure content.
But that might be a concern in the future if we install another plugin or theme, or something else that hard coded http into their code.
Recommended Tutorials:
