SSL and security configuration issues can prevent your DigiFusion theme from loading properly or cause mixed content warnings. This guide covers the most common SSL and security problems and their solutions.
Resolving Mixed Content Warnings
Mixed content warnings occur when your site loads both HTTP and HTTPS resources. This can break the appearance and functionality of your DigiFusion theme.
Force HTTPS in WordPress
Navigate to your WordPress admin area and go to Settings > General. Ensure both your WordPress Address (URL) and Site Address (URL) use https:// instead of http://.
If you cannot access your admin area, add these lines to your wp-config.php file:
define('WP_HOME','https://yoursite.com');
define('WP_SITEURL','https://yoursite.com');Fix Mixed Content in Theme Assets
Open your browser’s developer tools (F12) and check the Console tab for mixed content errors. Look for any HTTP URLs loading fonts, images, or scripts.
To fix theme-related mixed content, add this code to your child theme’s functions.php file:
function digifusion_force_ssl_assets($url) {
if (is_ssl() && strpos($url, 'http://') === 0) {
$url = str_replace('http://', 'https://', $url);
}
return $url;
}
add_filter('wp_get_attachment_url', 'digifusion_force_ssl_assets');
add_filter('script_loader_src', 'digifusion_force_ssl_assets');
add_filter('style_loader_src', 'digifusion_force_ssl_assets');Fixing Security Plugin Conflicts
Security plugins can sometimes interfere with DigiFusion theme functionality. Here’s how to resolve common conflicts.
Disable Security Plugin CSS/JS Optimization
Many security plugins include CSS and JavaScript optimization features that can break the DigiFusion theme. Access your security plugin settings and disable these features:
- CSS minification
- JavaScript minification
- CSS combining
- JavaScript combining
Whitelist DigiFusion Assets
Add the DigiFusion theme directory to your security plugin’s whitelist. In most security plugins, this is found under File Protection or Directory Protection settings.
Add these paths to your whitelist:
/wp-content/themes/digifusion//wp-content/themes/digifusion-child/(if using a child theme)
Configure Content Security Policy
If your security plugin uses Content Security Policy (CSP), add these directives to allow DigiFusion assets:
script-src 'self' 'unsafe-inline' fonts.googleapis.com;
style-src 'self' 'unsafe-inline' fonts.googleapis.com;
font-src fonts.gstatic.com;Resolving HTTPS Redirect Issues
Incorrect HTTPS redirects can cause infinite redirect loops or prevent access to your site.
Check .htaccess File
Open your .htaccess file in the root directory of your website. Remove any duplicate HTTPS redirect rules and replace them with this single rule:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]Clear WordPress Redirect Cache
If you’re still experiencing redirect issues, clear any caching plugins and add this code to your wp-config.php file temporarily:
define('WP_CACHE', false);After clearing the cache, remove this line and re-enable your caching plugin.
Fixing Certificate Verification Errors
Certificate errors can prevent external resources from loading, affecting DigiFusion theme functionality.
Update WordPress Core
Ensure you’re running the latest version of WordPress, as older versions may have outdated certificate authorities.
Disable SSL Verification Temporarily
As a temporary solution, you can disable SSL verification for WordPress HTTP requests. Add this to your wp-config.php file:
add_filter('https_ssl_verify', '__return_false');
add_filter('https_local_ssl_verify', '__return_false');Important: Remove this code once you’ve resolved the underlying certificate issue.
Configure Server SSL Settings
Contact your hosting provider to ensure your server has up-to-date SSL/TLS configurations and certificate authority bundles.
Resolving Security Header Conflicts
Some security headers can interfere with DigiFusion theme resources.
Adjust X-Frame-Options
If you’re using DigiFusion with page builders or iframe content, modify the X-Frame-Options header. Add this to your .htaccess file:
Header always set X-Frame-Options "SAMEORIGIN"Configure Referrer Policy
Set an appropriate referrer policy that allows DigiFusion to load external resources:
Header always set Referrer-Policy "strict-origin-when-cross-origin"Fixing Database SSL Connection Issues
Database SSL connection problems can cause site-wide issues.
Disable Database SSL
Add this line to your wp-config.php file before the database connection settings:
define('MYSQL_CLIENT_FLAGS', MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT);Configure Database SSL Properly
If you need database SSL, add these constants to wp-config.php:
define('DB_SSL_KEY', '/path/to/client-key.pem');
define('DB_SSL_CERT', '/path/to/client-cert.pem');
define('DB_SSL_CA', '/path/to/ca-cert.pem');Replace the paths with the actual locations of your SSL certificate files.