By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

mixed content and ssl showing your connection is not fully secure

0

I am running laravel backend applicaion on nginx server on port 80 but when i attached my load balancer with https my application not open properly showing mixed content and ssl showing your connection is not fully secure. Urgently need. i am sharing my nginx conf file server { listen 80; server_name _;

root /var/www/html/example/public;

add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";

index index.php;

charset utf-8;

location / {
    try_files $uri $uri/ /index.php?$query_string;
}

location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt  { access_log off; log_not_found off; }

error_page 404 /index.php;

location ~ \.php$ {
    fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
    fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
    include fastcgi_params;
}

location ~ /\.(?!well-known).* {
    deny all;
}

}

Topics
ComputeNetworking & Content Delivery
Tags
Amazon EC2Elastic Load Balancing
Language
English
medflick
asked 6 months ago314 views
2 Answers
0

You should have your alb port 80 listener setup to redirect to port 443

Then any context your webserver returns with absolute URLs including the protocol http will be redirect to https.

Your alternative is to ensure laveral returns all URLs as https and not http.

The issue lies with url references encoded in the webpages returned. They need to be rewritten from http to https or have the load balancer redirect any http urls.

profile picture
EXPERT
Gary Mclean
answered 6 months ago
0

Hello medflick, sorry to hear about the issues you're having with SSL and Laravel in NGINX. The error of "Site not fully secure" is coming from the fact that the browser is expect to have all loaded resources provided over SSL. On your case you have no choice than self store all images or create or proxy request from HTTP to HTTPS. Please see below for recommendations on how to resolve this issue.

There are few things you need to make sure working :

  • Is your route working in standard HTTP mode without index.php in url? For example, sometimes laravel.com/aboutus does not work but laravel.com/index.php/aboutus works? If its the case, you need to enable mod_rewrites in php and then add AllowOverride All in your VirtualHost configurations and restart Apache.
  • Coming to HTTPS, what you have setup in Laravel will make Laravel request forwarded to a secure HTTPS url. However, your server must be able listen, handle and respond to HTTPS request. You need to ensure that you have enabled VirtualHost to listen to port 443 (not just 80) which is the SSL port. Also, if you have SSL certificates, those need to be configured as well.
  • Before knowing if laravel works on HTTPS, make a simple php file and try to access it using HTTPS of the server url. If that works then you can check whats wrong in laravel. If that does not, then SSL is no configured correctly on your server.
  • Lastly, check .htaccess Rewrite conditions.

One other thing to consider: Look for the APP_URL entry in your .conf file. You may have to update the http to https there.

APP_URL=http://localhost to APP_URL=https://localhost

Hope this helps to debug this.
Thank you.

profile pictureAWS
BrianDAnderson_AWS
answered 6 months ago
  • medflick
    6 months ago

    Thank you I try most of the ideas but not worked. And I am running application on nginx server with behind load balancer 80 port work properly but 443 SSL not working properly and my application mixed content issue

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content