How fix Insecure content error message

You can use either of the options below to remove the insecure content warning;

  1. If your website is built on Wordpress, there are multiple plugins available for fixing insecure content", such as Really Simple SSLWordpress HTTPS, and Insecure content fixer.

 
Note: For EasyWP websites, if the plugins don’t fix the mixed content and the manual changes in the database are not saved, please contact our Hosting/EasyWP team to clear the cache from our side to accept the changes.

  1. Add this special header to your site .htaccess file:

    Header set Content-Security-Policy: upgrade-insecure-requests env=HTTPS


    • This header works for most popular browsers. It’s only sent if the page is requested via HTTPS (because of the env=HTTPS condition). When accessed via https://, it informs all browsers to use https:// links for images/scripts/CSS/frames/videos even if they are explicitly specified as http:// in the HTML page source.
    • Please keep in mind that the header should be put into the correct .htaccess file(for the website in question) so that the rule works for the website with the insecure content issue.
    • Additionally, in order for the rule to work properly, the header should be in the first linein the mentioned file.

  2. Update all the HTTP links to HTTPS ones manually in the website’s script. For example, you should move the image file to a secure part of the site, e.g., https://secure.yyy.com/image.gif. If the content is linked from a third-party source, you could upload it to your server and make it secure;

  3. Make the links relative to the root directory by adding a backslash before the file name as in the following example: ‹img src="/image.gif"›. This would translate to both ‹img src="https://www.yyy.com/image.gif"›and ‹img src="http://www.yyy.com/image.gif"›. This way, the browser will choose the proper HTTPS or HTTP link to display the image or content depending on which connection to the website (secure or not) is used.

If you didn’t create the site yourself, you will need to contact either your web designer to get assistance with troubleshooting the issue or you can contact us for your website maintenance services @ wpjolly.com

  • 4 Users Found This Useful
Was this answer helpful?

Related Articles

How to Enable an SSL Certificate

You’ve purchased a certificate; now it’s time to make use out of it! Since SSL certificates...

Generating a CSR using cPanel

Please follow the instructions below to generate the CSR code in your cPanel account: 1) Log...

How to install FREE SSL on cPanel

You’ve purchased your hosting; now it’s time to install SSL for FREE! Kindly use the below...

What brand of SSL do you offer?

We use comodo ssl to protect your users with https. Comodo's fully functional digital Free SSL...

WHAT IS AN SSL CERTIFICATE?

An SSL certificate acts as third-party verification for a website’s security. It verifies the...