So you want to start handling transactional data on your website or perhaps want to improve your SEO with Google by installing an SSL Certificate, but you’ve come across a mixed content warning.
Let’s start with the SSL installation. To achieve this, VentraIP Australia offers you two options; either a COMODO SSL Certificate, which comes free with all our Web Hosting plans, or with a warranty-backed paid alternative from Trustwave.
The problem of a mixed content warning?
A problem after installing an SSL Certificate is that you don’t see that much-wanted Green Padlock and the word ‘Secure’ in your toolbar. Instead, you see an exclamation mark and the words ‘Connection is Not Secure’ or a ‘Mixed Content warning. But you have an SSL certificate installed, so the traffic between your server and browser should be encrypted.
Well, it isn’t the server that is causing the problem. It’s your code. Browsers want to make sure they protect their users, so when you visit a website using an SSL Certificate, the browser will happily use it for content that it’s sending to the visitor.
Why Is My Website Throwing This Error?
The short and sweet version of why your site throws this warning could be one of three reasons. Your site is encrypting some content, but not all, somewhere in your code, you are linking a resource that is being pulled over a non-secure connection, or the browser is trying to protect the visitor by letting them know that not everything from the website is being encrypted.
Let’s Look At A Real-Life Example
Say your code requests an image from your server, but it’s requesting that image over a non-secure connection. The browser will throw a ‘Mixed-Content’ error, which means some of the content is encrypted, and some aren’t. That’s because your blog posts and text are encrypted, but the image or resource being referenced isn’t.
In some cases, the browser may even block this content to protect the user who breaks websites because Javascript and CSS files are being blocked, so all the formatting you worked so hard on is destroyed, and your site looks like a mess.
How Do We Know What Is Being Insecurely Loaded?
Your browser will typically tell you what is being insecurely loaded. You can access it through the following shortcuts:
Chrome: On Windows: F12 or Mac: Cmd + Opt + I
Firefox: On Windows: Ctrl + Shift + I or Mac: Cmd + Opt + I
Safari: On Windows: Ctrl + Shift + I or Mac: Cmd + Opt + I
How Do You Fix Mixed Content Warnings?
The resources listed in the console need to be called through HTTPS:// instead of HTTP://, though this is sometimes easier said than done. If you are using WordPress, consider using a popular plugin known as “Really Simple SSL”. This will do all the hard yards for you, and as long as you have an SSL Certificate installed, it will fix your mixed-content warning. If you aren’t sure how to edit your code, you will need to get in touch with a developer to perform this for you.
