I have setup wordpress on a domain that was already secure. Because of this I am getting mixed content messages like this:
Mixed Content: The page at 'https://www.triadmathtutor.com/wp-login.php' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.triadmathtutor.com/wp-includes/css/dashicons.min.css?ver=6.3'. This request has been blocked; the content must be served over HTTPS.
I feel like this is wordpress's fault since I know that my site is secure (I can see the lock on url bar). Anyways, when I press to login, it takes me to a non-secure section and I get a request to send over a non-secure site:
and then after I click 'Send Anyway' it takes me back to the login screen - it may have had some error or something but I don't know since it looks like a lot of stuff isn't loading correctly:
I am running with an nginx server that is setup on a secure port with the ssl information. I hear there is a plugin on wordpress in order to help with this, but I can't even run it since I don't know how to login.
This is my nginx config:
server {
server_name www.triadmathtutor.com;
root /var/www/html/TriadMathTutor;
index index.php;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
include fastcgi_params;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
}
listen 443 ssl;
ssl_certificate xxx
ssl_certificate_key yyy
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
Help Appreciated, thanks.