Home › Forums › Really Simple SSL pro › Speed issue / 404 code
- This topic is empty.
-
AuthorPosts
-
September 30, 2019 at 6:24 am #282217
Bernd Guzek
Participantsince I installed the pro-version, the site is slower and in webpagetest.org several elements with the error code 404 appear, as you can see on the screenshot. Unfortunately they don’t disappear when I uninstall the free and the pro-version.
What can I do? Of course I would continue to use the comfortable plugin, but there are easily 21 processes with the 404 …
Thanks for your suggestions.
Unfortunately, the screenshots don’t show. Here are the links:
http://www.candida.de/debug/debugging2.png
http://www.candida.de/debug/debugging1.png-
This topic was modified 1 year, 4 months ago by
Bernd Guzek.
September 30, 2019 at 8:26 am #282255Mark
KeymasterHi Bernd,
it looks like you have enabled Content Security Reporting in the Security Headers section of Really Simple SSL. This can indeed cause 404 errors when there are a lot of resources that need to be processed. Can you check if these errors also occur when Content Security Reporting is disabled?
Besides that, your site still uses some http:// links. This can be caused by caching. It’s possible the site still serves a cached page. Can you try to clear all caches the site uses to see if that resolves the issue?
Mark
September 30, 2019 at 9:55 am #282273Bernd Guzek
ParticipantHi Mark,
thanks for the quick response. Since I worked on a little bit while waiting for the reply, I removed this from the very bottom of my .htacess
# Begin Really_Simple_SSL_CSP_Report_Only
Header always set Content-Security-Policy-Report-Only: “default-src ‘self’; script-src ‘self’ ‘unsafe-inline’; script-src-elem ‘self’; style-src ‘self’ ‘unsafe-inline’; style-src-elem ‘self’ unsafe-inline; report-uri https://www.alkohol-ade.com/wp-json/rsssl/v1/csp?rsssl_apitoken=1569059497 ”
# End Really_Simple_SSL_CSP_Report_Onlywhich probably stops the Content Security Reporting, I guess? After this, all 404 disappeared. So, the plugins are still deactivated for debugging reasons, but the .htaccess is like this:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
# –
# BEGIN Really_Simple_SSL_SECURITY_HEADERS
<IfModule mod_headers.c>
Header always set Strict-Transport-Security: “max-age=31536000” env=HTTPS
Header always set Content-Security-Policy “upgrade-insecure-requests”
Header always set X-XSS-Protection “1; mode=block”
Header always set X-Content-Type-Options “nosniff”
Header always set Referrer-Policy: “no-referrer-when-downgrade”
Header always set Expect-CT “max-age=7776000, enforce”
Header always set X-Frame-Options “sameorigin”
</IfModule>The cache (we use WP Rocket) ist cleared several times, so at this point I do have no idea where the http is coming from.
Thanks, Bernd
September 30, 2019 at 10:29 am #282274Mark
KeymasterHi Bernd,
the site currently shows a coming soon page, this prevents me from debugging the issue. Can you temporarily disable the coming soon page so I can have a look?
Mark
September 30, 2019 at 10:42 am #282276Bernd Guzek
ParticipantTrue, it’s open now, thanks!
September 30, 2019 at 11:23 am #282288Mark
KeymasterThank you. Most images do seem to work now. Do you have an example of a page where images don’t work?
Mark
September 30, 2019 at 11:42 am #282293Bernd Guzek
ParticipantThe pictures weren’t the problem – all the 404 errors delayed the loading process, but I don’t know what’s in these files. If they were images – good, then they were loaded very slowly, which also corresponds to the subjective perception.
As I said, without the plugins and with the commented out line it’s gone now. But that is not the sense of the whole thing 😉
If it’s ok for you I’ll close the gate again.
-
This reply was modified 1 year, 4 months ago by
Bernd Guzek.
October 1, 2019 at 6:21 am #282732Bernd Guzek
ParticipantHi, Mark,
to sum it up: The site currently runs better with the modifications to the .htacess than before with the plugins. Do I leave it like this now, or is there another way?
October 1, 2019 at 7:52 am #282782Mark
KeymasterYou can leave the plugin enabled, while leaving the Content Security Policy options disabled. Those options were causing the 404 errors on your site. The content security policy blocks resources which haven’t been whitelisted, causing a 404 error. If you enable the plugins and disable those options your site should run fine.
-
This topic was modified 1 year, 4 months ago by
-
AuthorPosts
- The topic ‘Speed issue / 404 code’ is closed to new replies.