This request has been blocked; the content must be served over HTTPS.

[dstearle]

So I was able to get umami up and running on its own self hosted server and connected to one of my websites. The problem however, is that because I have it setup on just an IP address my site will not allow for umami to gather information since the site is secured over SSL (as it should be). Am I supposed to buy a domain and then get a SSL in order to use umami? Or is there a way to secure my connection over https instead of http for my server?

[mikecao]

I think you can do this, https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests

But the recommended option would be to use HTTPS everywhere.

[dstearle]

For anyone setting up Umami on a server that uses Plesk I am leaving this here in case you run into the same road blocks I did. What I ended up doing was:

• created a subdomain for an existing domain that I had already
• set up SSL for both the domain and the subdomain (the domain was changed to a wildcard SSL since it now has a subdomain)
• set up umami to run on an open port that was not being used (both ports 443 and 8443 are necessary to use https but both are being used by Plesk and can not be changed. Set your port to something like 3031 or whatever is available then do the next step...)
• created reverse proxy to direct https to the new port. When placing the code mentioned in the provided link, make sure to change the port number '5500' to whatever port you set your app to (If you are using Plesk, here is the article on how to do that: https://support.plesk.com/hc/en-us/articles/360016059159-How-to-create-Nginx-reverse-proxy-for-Node-js-application-and-let-Nginx-handle-SSL-on-Plesk-server-)

I just want to note that yes, these are the steps stated in Umami's documentation. However I wanted to post this here is because the details in how to complete said steps specifically for a Plesk server (centos 7) had yet to be posted anywhere (or at least I couldn't find anyone else who had solved the issue at the time).