'PDF file is insecure in WordPress [duplicate]
This may be a stupid question and have an obvious answer. My WordPress is serving pages over HTTPS/SSL correctly without any issues (no mixed contenting warding...etc)
However, I couldn't figure out why the page is insecure when I type this URL (w/o https://www.) in my browser:
example.com/wp-content/uploads/note.pdf
But this URL (with https://www.) is secure:
https://www.example.com/wp-content/uploads/note.pdf
Solution 1:[1]
You need to setup redirection of non-secure URL addresses to their secure versions, this can be made by adding the following in your .htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
<IfModule mod_headers.c>
Header always set Content-Security-Policy "upgrade-insecure-requests;"
</IfModule>
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 |