I honestly have no idea about a more tentative and suggestive title, so... sorry to all moderators in advance.
Ok, so I configured properly Let's Encrypt to my website with Nginx. Once I finished, I see the website without CSS, JS, etc. in a typical blocked:mixed:content (BMC) problem. BMC is easily fixable, you check wordpress URL configuration plus one or two more stuffs.
So here's where things start to get complicated. Only after I successfully logged into my wp-admin, Wordpress shows me a Sorry, you are not allowed to access this page., which in the back it's a 403 error. At that time, error.log wont show anything, however access.log show this:
160.160.160.160 - - [26/Dec/2016:11:43:59 -0600] "GET /wp-admin/ HTTP/2.0" 403 1826 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36"
160.160.160.160 - - [26/Dec/2016:11:43:59 -0600] "GET /favicon.ico HTTP/2.0" 200 159 "https://www.paradisearenasblancas.com/wp-admin/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36"
(Fake IPs BTW)
So far everything is a mere information and I can't see a sole useful information about the error in question.
I have configured my Wordpress installation with the old http URL, so after I can't enter the dashboard, I can edit those URLs directly with MySQL or manually adding it in wp-config. The problem with that is that it gives me the net::ERR_TOO_MANY_REDIRECTS error in browsers. So it's kind a bottleneck scenario, and I have no idea what to do.
I can't find an error in my website.conf file:
server {
listen 80;
listen [::]:80;
server_name www.mywebsite.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
include snippets/ssl-www.mywebsite.com.conf;
include snippets/ssl-params.conf;
server_name www.mywebsite.com;
root /usr/share/nginx/html/mywebsite.com/;
index index.php index.html;
error_log /var/log/nginx/error-paradise.log;
access_log /var/log/nginx/access-paradise.log;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
# Wide-open CORS config for nginx
add_header 'Access-Control-Allow-Origin' 'https://www.mywebsite.com';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Headers' 'Content-Type,Accept';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
}
location ~ /.well-known {
allow all;
}
}
Another thing I did was to move all plugins from plugins directory and nothing, everything still the same.
I have no idea what else to do. Any help will be much appreciated.
EDIT:
It seems to be the theme I'm using. I've tried to move its directory and when Wordpress changes to the next default theme, everything is working fine. If I copy again the theme's directory to themes/, the same problem will start. Since I have lots of blocked:mixed:content errors, I'm searching within theme directory using grep -rnw '/usr/share/nginx/html/website.com/wp-content/themes/themename/' -e 'http'and found a huge amount of lines containing http. I know there's a lot of plugins that fixes this, but since I'm getting error 403 once I'm logged in into wp-admin, how can I replace all that http into https?
TO enable SSL for wordpress, you can do any of the two below
Edit both your SITE and HOME URL settings in the Settings -> General section of your wordpress dashboard, changing the http to https.
Edit your wp-config.php and define both the WP_SITEURL and WP_HOME
define( 'WP_SITEURL', 'https://example.com' );anddefine( 'WP_HOME', 'https://example.com' );You should also add this to your wp-config.php force ssl for wp-admin