Question

Strapi droplet is not secure(using only http) causing an error to login

I created a website using ‘Gatsby.js’ and tried to use Strapi droplet which is hosted in digitalocean. However after I added all the data to the backend and tried to log in my website, I see this error and can’t log in:

**login.js:25 Mixed Content: The page at 'https://myWebsite.com/login' was loaded over HTTPS, but requested an insecure resource 'http://188.1xx.1xx.251/auth/local'. 
This request has been blocked; the content must be served over HTTPS.**

So I looked at my droplet and found out that it’s not using https! http://188.1xx.1xx.251/auth/local

When I created this site, I didn’t use ssl option. So I created another droplet which is using ssl, but it still using ‘http’, not ‘https’.

So my website is pretty much useless since I can’t log in. Is there anybody who can help me with this please?

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

TomThatsFebruary 22, 2021

Had the same error after installing SSL certificate.

You have to rebuild the admin panel by doing so:

# go to your strapi folder, if you used the one-click droplet its probably this one
cd /srv/strapi/strapi-development

# rebuild your admin panel with npm/yarn
yarn run build

Then restart / reload everything just to make sure

BMarijuanFebruary 2, 2021

Hello,

Any updates on the above? I am having the exact same issue on my droplet…

Bobby IlievNovember 16, 2020

Hi there @izzyangelworld,

I believe that you have to edit your Strapi config and specify your domain name as the host rather than your Droplet’s IP address, that way the resources will be loaded directly from your domain rather than your IP address, which will fix the mixed content error.

You can take a look at how to do that here:

https://strapi.io/documentation/v3.x/deployment/nginx-proxy.html#strapi-server

Regards, Bobby

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up