I have multiple websites, published internally using http content routing.
VirtualServer-443/80 <--> FortiWeb (Rule with no protection profile) <--> ServerPool-80
I have no problem when using http but when accessing via https some content get blocked, when i inspect the page on the browser i got "blocked: mixed content"
Is there any way to avoid this problem on the FortiWeb, because i don't have access to the website source.
Did you ever resolve this? I'm in a similar situation.
you can use header security > content security policy > upgrade-insecure-requests. this is only workaround. let me know if it work.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.