May 6, 2019
May 6, 2019
If you run into a mixed content warning on your WordPress site, don’t just wave it off. This warning indicates misconfiguration. This warning may lead to a more serious problem, if not addressed, but luckily you can fix mixed content warnings fairly easily.
In this article, we will learn what a mixed content warning is, why it is important, and how to fix it easily.
Depending on your browser, you will find different information that indicates the mixed content warning.
Basically, the warning informs that there is insecure content found on your website’s page. In most cases, this happens after performing a migration from HTTP to HTTPS.
When you migrate from HTTP to HTTPS, you do it to create a more secure connection.
But if the change is not configured correctly, WordPress wouldn’t load all the resources over an HTTPS connection. The outcome is the browser issuing the mixed content warning.
Furthermore, there are three circumstances that cause a mixed content warning:
But, why do you need to use HTTPS over HTTP? Simply put, it adds security.
HTTPS stands for Hyper Text Transfer Protocol Secure, meaning that all the data transferred is encrypted for security. With this encryption, anyone who is not entitled to the data can’t read it. All sensitive information like credit card details is protected.
If your WordPress website is SSL protected – uses HTTPS – you will see a green padlock in the address bar. You can click on it to get the details of the certification.
Simply put, your website may be unsafe. That’s why fixing it ASAP is essential.
Today, security is not an option.
In fact, it is one of the top priorities when managing WordPress sites. If you use a secure HTTPS connection, you reduce potential risks that may affect your visitors.
An insecure connection might make your customers hesitate to make any financial transactions on your website. So, if you run an online business, make sure your customers don’t meet this warning before the buying process.
SEO is a vital factor for any website that wants to attract visitors organically.
Google has officially confirmed that HTTPS is a major SERP rank factor. Mixed content may affect your website’s loading speed too. Keep in mind that speed is an SEO factor as well. Hence, ignoring mixed content warning would challenge your SEO efforts.
The insecure content displayed in your visitor’s browser might break your company’s reputation. The warning may create a bad user experience and hinder you from building customer trust.
So, if you have great, informative content but suffer security issues, the visitors will leave as quickly as they come.
There are two types of mixed content:
Before you get into the fixing part, you need to identify the problem.
The first thing you need to make sure is whether you already have an SSL certificate for your website. If you don’t, you can get it from Hostinger for an affordable price.
Now, let’s continue with identifying the errors using three different methods: a plugin, online testing site, and inspect element.
You can install a plugin to identify HTTP elements before repairing.
WordPress HTTPS (SSL) is one of the best plugins to handle the task. Once you install and activate the plugin, you can go to the HTTPS settings page in the dashboard. There you will have options to:
You can also use WhyNoPadLock. This online testing site has helped more than 5 million websites manage their security.
All you have to do is enter your URL and start testing the page. If you have issues you would see an output similar to this.
But, if you have a green check mark, that means your website is well-configured.
Alternatively, you can try HTTPS checker. This great tool has an online and desktop version. It will help you check any active or passive mixed content, insecure redirects and links, and your site’s SSL certificate status.
The third method is our recommendation.
If you use Google Chrome as your main browser you can use the inspect element tool by right-clicking on a page then clicking Inspect -> Console.
Basically, you don’t have to search for the errors manually, as the tool would help with the list of errors that need to be fixed. But, keep in mind that this way you would check the problem page per page.
If you want to check problems in bulk, you can use the Ahrefs audit tool. This tool will help you check links and resources that cause issues. In fact, this tool can do a more thorough site audit besides identifying only mixed content.
After identifying the issue, it’s time to fix mixed content on your WordPress site.
The easiest way of doing it is to change from HTTP to HTTPS for the identified problems. To do this, you can go to the WordPress dashboard, Settings -> General. Then, make changes to both the WordPress Address (URL) and Site Address (URL).
But, this method would be time-consuming if you have to fix the issue on the whole site manually.
You can install SSL Insecure Content Fixer plugin to help you diagnose the problems easily.
Once installed and activated, go to the Settings page. You can choose one of the five fix levels:
Our recommendation is to start with the default option and gradually move to the next levels if you want to perform more advanced fixes.
Ignoring the mixed content warning is a bad idea. It creates a weak link in your website’s security, so immediate action is highly recommended.
We have learned that fixing mixed content warnings in WordPress is not as hard as it seems. You’re free to use the methods that you prefer. But, sometimes, you need to do more advanced troubleshooting if the problem persists.
Happy fixing and keep your WordPress website safe!