SSL Problems

Hi,

I have just set my website up with cloudflare flexible SSL.

When I load into the beaver builder editor I can’t edit inside columns and if I look in the console I can see this error.

Mixed Content: The page at 'https://www.domain.com/?fl_builder' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.domain.com/wp-content/plugins/bb-plugin/css/editor.css?wp-mce-4208-20151113'. This request has been blocked; the content must be served over HTTPS.

I am using the SSL insecure content fixer plugin but it isn’t getting these resources for some reason.

Any ideas how to fix this?

Hi Mike,

I have no experience with CloudFlare SSL, but the issue appears to be related to that option. Mixed Content means the parts of your site are not secure.

However, that flexible option from the sounds of it doesn’t actually provide any SSL at all?

Can you provide a link to your site, please? So we can take a closer look.

Thanks,
Danny

[Content Hidden]

Hey Mike,

I just logged in to your site, loaded up the subsite you mentioned, and I’m able to edit the contents on anywhere. I believe the problem you had before is related to the bug which we fixed on 1.7.5, where you can’t select modules inside rows with color overlay. Can you check and see if you’re still having the same problem? I’ll file a bug report on the SSL issue though, thanks for the heads up there!

Ben

Yeah the update fixed the editing but there is still a few things not right due to blocked scripts. I am guessing it might be due to hard coded http reference?

Did you look at the settings page?

Hi Mike,

I looked at your Network Admin Settings page and I am not see any warnings? Is this now resolved?

Thanks,
Danny

The network agency settings page for beaver builder doesn’t load properly.

Also in the editor it doesn’t work properly, when I try to drag an item to a different row it just disappears and freezes up.

I think it’s obviously the scripts getting blocked due to mixed content. If you don’t see the warnings then I think you must not be on the right page because I see them.

(the warnings are in the javascript console)

Hey Mike,

I logged into the network admin and am not seeing any issues in the console. Can you let me know what specifically isn’t loading properly there?

As for the editor.css HTTPS issue, I believe that can be fixed by changing line 154 of classes/class-fl-builder.php from this…

$mce_css .= FL_BUILDER_URL . 'css/editor.css';

to this…

$mce_css .= plugins_url('/css/', FL_BUILDER_FILE) . 'editor.css';

Give that a shot and let me know how it goes.

Justin

Hey Mike,

I just realized I missed the part about dropping in modules. I’m looking into that now.

Justin

Hey Mike,

It looks like there might be an issue with your SSL setup. I did some more research and our constant FL_BUILDER_URL is actually defined using WordPress’ plugins_url function.

The plugins_url function is using WordPress’ set_url_scheme function which uses is_ssl to see whether HTTPS should be used or not…

https://www.dropbox.com/s/z2xxraus02ro9gv/Screenshot%202016-02-29%2011.47.01.png?dl=0

The FL_BUILDER_URL constant is used to build the path to a module’s settings, but that is coming up as HTTP instead…

https://www.dropbox.com/s/zj2d5po8xpb5x6n/Screenshot%202016-02-29%2011.48.06.png?dl=0

There are known issues with WordPress’ is_ssl check. Have a look at the Notes section here and see if any of that helps…

https://codex.wordpress.org/Function_Reference/is_ssl

Justin

Hi Justin,

You are a true Wizard!

That was the exact issue and adding the code from the codex page fixed it:

if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
    $_SERVER['HTTPS'] = 'on';

Many thanks for your help.

Mike

You’re welcome! I’m glad that worked.

Justin