Issue with HTTPS Not Being Enforced Despite SSL Applied

Hello,

Suddenly, the website is no longer applying https://. As a result, even though my code does not specify https or http, all CSS and JS files seem to be linked through http.
(The SSL is already applied, but https:// is not being enforced in the code.)

SSL Domain
스크란샷 2024-08-26 08.48.50

Error Console

JS

.htaccess

Initially, I thought this was a hosting issue, but the hosting provider suggested it might be a problem with the development code. Could you please check this for me?

Thank you for your help.

Which specific version of Kirby is this? the https redirect from http seems to work. you could try this way:

RewriteEngine on
RewriteCond %{HTTP_HOST} !=localhost
RewriteCond %{HTTP_HOST} ^www\. [NC,OR]
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L,NE]

Kirby detects whether the request was made through ssl or not via a $_SERVER variable and sometimes via http headers.

If something has suddenly changed, it’s possible that the hosting company has done something, like putting you behind a reverse proxy server (they might do this to cache static files without having them pass through apache).
At that point Kirby might no longer be able to securely and reliably determine the environment it’s being run in. (E.g. the connection between reverse proxy and kirby might just be unencrypted http, which would actually be quite common, and kirby might see that).

You might want to hardcode a base URL in your env.php config file.

<?php 

return [
    'url' => 'https://wwf.kr'
];

Put this into site/config/env.php on your production server (and only there! The env.php should be specific to each environment).