DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports Events Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks

How to Fix Mixed Content Warnings on Your Site

An introductory level article for those interested in getting started in web security, which shows how to find and correct mixed content issues on a site.

S.Prakash Chowdhry user avatar by
S.Prakash Chowdhry
·
Jun. 12, 18 · Tutorial
Like (2)
Save
Tweet
Share
4.50K Views

Join the DZone community and get the full member experience.

Join For Free

 Is the “mixed content” warning message driving you nuts? Thinking why are you facing this error despite installing an SSL certificate? Well, calm down as we’ve got your back. In this blog, we’ll help you resolve these mixed content warnings. But before we get to the solution part, you must understand the reason behind the mixed content warning message.

As you can tell by the warning message, there must be some sort of “mixed” content on your site. But what exactly? Well, here, mixed content means that the content on your site stems from HTTPS as well as HTTP. Now you might be (as you should) wondering why some content is served over HTTP when you’ve installed an SSL certificate. That’s because installing an SSL certificate is not enough.

It doesn’t guarantee that the content will be served through HTTPS only. Even if you install an SSL certificate and migrate to HTTPS, not all of your content gets migrated. As you see this error, it’s highly likely that some of the scripts or media files present on your site are served over insecure HTTP. This is never a good thing.

So, how do you fix this mixed content error? Simple, you migrate all of your HTTP content to HTTPS. But before you do that, you must find such content. Let’s see how you can do it.

How to Find Mixed Content?

First, go to any web page for which the browsers are showing a mixed content error. Now view its source code (by right-clicking), and search for src=http. Every resource with src=http is considered to be ‘mixed content.’

If this sounds like a lot of work to you, there’s an escape. You can go to www.whynopadlock.com and check for insecure links or resources on your site. Keep in mind that this may not yield extensive results. So, it’s better to go with the first option.

How to Fix a Mixed Content Warning?

As we said earlier, you must migrate your mixed content links to HTTPS. This can be done by adding HTTPS as the prefix instead of HTTP. Of course, this can only be done if you have the website under your control. What if you have given a reference to an external link that is HTTP? Well, in that case, you must ask the URL holder to move to HTTPS. If he/she isn’t able to do it for whatever reason, you must remove this link as it’ll continue causing trouble for you.

How to Fix Mixed Content Warning on a WordPress Website

If you happen to have a WordPress site, there’s a pretty straightforward way. It’s literally a cakewalk. All you have to do is download SSL Insecure Content Fixed and follow the instructions they’ve given. All of your insecure links will be shifted to HTTPS.

You can also use - Force HTTPS WordPress Plugin for SSL Redirect & Fix Insecure Content - https://wordpress.org/plugins/force-https-littlebizzy/

HTTPS

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • How To Check Docker Images for Vulnerabilities
  • Event Driven 2.0
  • Stream Processing vs. Batch Processing: What to Know
  • Bye-Bye, Regular Dev [Comic]

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends: