So what happened was our apache config file has been updated with some security headings. These headings are imposed by our cyber security team. The addition of these headings broke the page (though I still do not understand why?). Commenting out the security headings fixed the problem. Here is what the apache file looks like with the headings:
--------------------------------------------------------------------------------------------------
<IfModule mod_ssl.c>
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName webwork1.xx.xxxxxxx.xx
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
Alias /.well-known/acme-challenge/ /var/www/empty/.well-known/acme-challenge/
<Directory "/var/www/empty/.well-known/acme-challenge/">
Options None
AllowOverride None
ForceType text/plain
RedirectMatch 404 "^(?!/\.well-known/acme-challenge/[\w-]{43}$)"
</Directory>
#RewriteEngine on
#RewriteCond %{REQUEST_URI} !^/\.well-known
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [R]
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
SSLCertificateFile /etc/letsencrypt/live/webwork1.xx.xxxxxxx.xx/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/webwork1.xx.xxxxxxx.xx/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
#Header set Cache-Control "no-store"
#Header set Content-Security-Policy "default-src 'self'; object-src 'none'; form-action 'none'; frame-ancestors 'self'; report-to csp-endpoint;"
#Header set Expires "Sun, 29 Dec 2024 12:00:00 GMT"
#Header set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
#Header set X-Content-Type-Options "nosniff"
</VirtualHost>
</IfModule>
--------------------------------------------------------------------------------------------------
Would anyone know why the headers would cause an issue with the left-side menu? Or what a possible solution would be for this?