Google has made getting sites switched over to HTTPS a priority. Initially they offered the carrot of a small SEO boost to all sites accessible over SSL, now they are taking out the whip. Starting in July 2018, version 68 of the Chrome browser will mark all non-HTTPS sites with a highlighted “Not Secure” in its URL bar. You should definitely make the move over to HTTPS if you haven’t done so yet (here’s a great how-to article if you fancy doing it yourself.).
Mixed Content Errors
For those of you who have made the switch, you may run into the dreaded Mixed Content Errors. Simply put, these errors result from your HTTPS site trying to serve resources (often images, but also scripts and iframes among others) over HTTP.
The effect of the Mixed Content Errors on the reader’s experience can differ with the browser being used, but according to this article from Google, these errors weaken the security of the entire page. In Chrome, for example, your site with lose the green Secure padlock.
No Mixed Content Errors on the Page
With Mixed Content Errors on the Page
Fixing the Errors
Resolving Mixed Content Errors may simply require changing the resources referenced in your posts to be served over https instead of http. However, if those resources are not available over https (because, unlike you, the host of those resources hasn’t yet installed an SSL Certificate), those resources will break. This can lead to missing images and broken script functionality that’ll you’ll want to track down and clean up.
The HTTPS Resources Fix
For these reasons, we created the HTTPS Resources Fix. This fix will scour your posts for resources still being served over HTTP. If that resource is available to be served over HTTPS, it will be updated to do so. At the end of the service, we will present you with a list of posts and resources that can’t be served over Https and will need to be replaced manually or removed altogether.
As a bonus, all internal links with also be updated to https, avoiding potentially server-slowing 301 redirects when clicked on.
Don’t have an SSL Certificate Installed?
If you don’t have an SSL certificate installed (such that your site is not available through https), choose the Complete HTTPS Conversion option below. We’ll work with your host to install an SSL certificate from Let’s Encrypt, configure your WordPress installation to use it, setup the appropriate redirects, and run our resources fix to make sure you don’t have any mixed content errors.
You must log in to submit a review.