nginx-proxy-manager icon indicating copy to clipboard operation
nginx-proxy-manager copied to clipboard
Published 3 weeks ago verified publisher icon NginxProxyManager

Mixed Content Warning on Basic Authentication Page (HTTP instead of HTTPS)

Open robeston opened this issue 3 weeks ago • 1 comments

Hello,

A "Mixed Content" warning is experienced (indicated by a gray globe/info icon instead of a green padlock) on the built-in Nginx Proxy Manager Basic Authentication (Password Protection) page when accessing a host over HTTPS (port 443).

The SSL certificate is valid. The backend application works fine with HTTPS after logging in. The issue is specific to the NPM's custom login prompt page itself.

It seems the built-in authentication template is loading an asset (like an image or CSS file) using an absolute http:// URL instead of https:// or a relative URL.

To Reproduce:

  1. Set up a host in NPM with SSL enabled and "Access Lists" or "Basic Authentication" applied.
  2. Navigate to the host URL via HTTPS (pl. https://testpage.ddns.net).
  3. The browser displays the password prompt, but flags the connection as insecure due to mixed content.

Expected behavior: The Basic Authentication prompt page should load all assets over HTTPS to display a secure green padlock icon.

Thank you for your help.

robeston avatar Dec 02 '25 20:12 robeston

Why are you opening a duplicate issue #4984

7heMech avatar Dec 03 '25 17:12 7heMech