Running on Ubuntu 14.04 with Apache on an AWS EC2 server.
I recently renewed my LetsEncrypt certificate for my bootstrap-it.com site. The big change with the renewal was that Let’s Encrypt automatically saved my certificates into /etc/letsencrypt/live/ rather than the /home/… directory I’d kept them in until then. So I updated Apache’s /etc/apache2/sites-available/default-ssl.conf to point to the new certs.
Everything seemed to go well. But now I just noticed that I’m getting all kinds of apache errors like this:
[:error] [pid 4963] [client 185.129.148.190:8665] script ‘/var/www/html/wp-main.php’ not found or unable to stat
[:error] [pid 4400] [client 185.129.148.190:17236] script ‘/var/www/html/sqlibak.php’ not found or unable to stat
[:error] [pid 5470] [client 185.129.148.190:18207] script ‘/var/www/html/functions.php’ not found or unable to stat
Those files are all either in /var/www/html/bootstrapit/blog or /var/www/html/bootstrapit/blog/wp-includes…Apache is obviously looking in the wrong place. How do I correct that?
One more thing, when I try to load a WordPress blog post in my browser, inline images don’t load, and I get this error:
Mixed Content: The page at ‘https://bootstrap-it.com/blog/index.php/2016/10/26/linux-inodes/’ was loaded over HTTPS, but requested an insecure image ‘http://bootstrap-it.com/blog/wp-content/uploads/linux-inode.png’. This content should also be served over HTTPS. https://www.bootstrap-it.com/blog/wp-content/uploads/linux-inode.png Failed to load resource: net::ERR_INSECURE_RESPONSE
The main “script ‘/var/www/html/sqlibak.php’ not found” errors are due to an incorrect setting in your WP config.
The “Mixed Content” error is because you are trying to include images with http specified. You should either specify https or not specify either so that it defaults to the current method.
The “net::ERR_INSECURE_RESPONSE” is back to my first point, the certificate is not valid for www.bootstrap-it.com
In a way it is a problem so yes, you do need to do something about it really. If someone tries to go to www.bootstrap-it.com they will get a certificate error - prior to getting the redirect ( why should the accept a redirect from something that's saying it's not correct .... )
For anyone who might be interested, it turns out that the WordPress problem was related to the certificate (although perhaps not to the cert renewal): for some reason, the HTTP in “WordPress Address (URL)” in WP General Settings hadn’t been updated to HTTPS.