Support » Plugin: WordPress HTTPS (SSL) » [Plugin: WordPress HTTPS (SSL)] pesky favicons causing insecure content

  • Resolved JonnoPrice


    Hi Mike.. Firstly thanks for a great plugin.. and sorry if this has been answered elsewhere – I wasn’t able to find the solution myself.

    I know your plugin works because everything was working fine a couple of days ago. I have forced SSL Admin/Login and also on a page to “Submit Content” and got the nice green https..

    Then yesterday, after I had done a bunch of work with installing W3 cache, Cloudflare and a few other plugins I noticed that now I’m getting the dreaded Chrome “Insecure Content” warning when trying to login.

    Seems it is fetching the favicon (twice for some reason) and this is being served over http… I’ve tried removing your plugin and then reinstalling and activating in the hope it will fix things like it did before but no go.

    I’ve also purged all caches, on my machine, W3 and on Cloudflare..

    Can you help a brother out?

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author Mike Ems


    Post a link. I can probably tell you where it’s at.

    Thanks Mike.

    Note: the site is currently locked down (using Restricted Site Access plugin) whilst in development.

    So you should be redirected to the login page which is what I want secure.

    Let me know if you need access and I can create a temp account for you.. Or I can add you IP address to the whitelist.


    Plugin Author Mike Ems


    After the page loads, an <object> tag with the favicon in the data attribute is created at the end of the body tag. Since the tag does not appear in the source code, it’s safe to say that JavaScript is adding this in.

    Try disabling plugins until it stops. It’s possible that it’s not one plugin, it could be a conflict with two plugins, or a plugin and your theme.

    Thanks Mike… will start deactivating plugins and will report back here if I manage to figure out which one it is.

    Hi Mike, I’ve not been able to find a plugin causing the problem..

    Probably a n00b question but..

    Just wondering – using the Google Chrome console – I find that the following error is being logged..

    The page at displayed insecure content from
    10[blocked] The page at ran insecure content from

    Would it make any difference if I simply deleted the favicon? (not that I’ve been able to find that damn file using FTP.)


    hey again.. problem solved – got there in the end.

    Copied a new favicon.ico file to the root directory using FTP.

    then placed the following line in between the <head> tags of the header.php file.


    No more unsecure elements 🙂

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘[Plugin: WordPress HTTPS (SSL)] pesky favicons causing insecure content’ is closed to new replies.