I’m running Winter CMS behind a reverse proxy. Every time I log in to the backend, the login form shows an insecure connection warning.
I set APP_URL to my domain (example.com), but the issue still remained.
I wasn’t sure if Winter CMS stored the URL somewhere else. After checking the source code, I found this:
/*
|--------------------------------------------------------------------------
| Linking policy
|--------------------------------------------------------------------------
|
| Controls how URL links are generated throughout the application.
|
| detect - detect hostname and use the current scheme
| secure - detect hostname and force HTTPS scheme
| insecure - detect hostname and force HTTP scheme
| force - force hostname and scheme using app.url config value
|
| NOTE: force will ensure that the app.url value is used as the host for
| URLs generated through the URL helpers, which might have unintended
| consequences for projects that support multiple hostnames.
|
*/I changed LINK_POLICY in the .env file from detect to force, and the insecure connection issue was resolved.
Comments