Clean up WordPress website HTTPS insecure content
Look in your web browser's error console.
NB: after you open your browser's console, refresh your page so that it tries to load the insecure content again and logs warnings to the error console.
Why No Padlock? has a really good online test tool for diagnosing HTTPS problems.
You are probably loading content (such as images) with a URL that starts with "http:". Take that bit away, but leave the slashes, e.g.
https://www.example.com/image.png; your browser will load the content, using HTTPS when your page uses it. Better still, replace "http:" with "https:" so that it always uses https to load images.
If your page can be used outside a web browser, e.g. in emails or other non-web documents, then you should always use a protocol and it should probably be "https:" (since you have an SSL certificate). See Cleaning up content for more details.
If your website is behind a load balancer or other reverse proxy, and WordPress doesn't know when HTTPS is being used, you will need to select the appropriate HTTPS detection settings. See my blog post, WordPress is_ssl() doesn’t work behind some load balancers, for some details.
You are probably behind a reverse proxy -- see the FAQ above about load balancers / reverse proxies, and run the SSL Tests from the WordPress admin Tools menu.
You probably have a conflict with another plugin that is also trying to fix HTTPS detection. Add this line to your wp-config.php file, above the lines about
ABSPATH. You can then change this plugin back to default settings before proceeding.
Post about it to the support forum, and be sure to include a link to the page. Posts without working links will probably be ignored.
Great! Tell me which plugin is yours and how to check for your new version, and I'll drop the "fix" from my next release.
Requires: 4.0 or higher
Compatible up to: 4.7.1
Last Updated: 2 months ago
Active Installs: 60,000+
1 of 12 support threads in the last two months have been marked resolved.
Got something to say? Need help?