Support » Plugin: Contact Form 7 » Really simple captcha breaking SSL secure connection

  • Hello,

    I recently set up a form on a new website which uses an SSL certificate. The form is secure until I try and submit anything. I’m getting the following error once the submission is made:

    The page at 'https://XXXXX/contact/' was loaded over HTTPS, but displayed insecure content from 'http://XXXXX/wp-content/uploads/wpcf7_captcha/XXXXXXXXX.png': this content should also be loaded over HTTPS.

    Is there any way to fix this? I’d like the whole journey to be secure for the user.



Viewing 12 replies - 1 through 12 (of 12 total)
  • I’m interested to hear about this too…

    Add the following to functions.php in your theme 😉

    // Force SSL on form captcha


    great thanks Ox, I’ll get that added 🙂

    No worries!

    Happy Friday.

    I just tried to implement this and it still loads on http, I’ve cleared cache, restarted browser etc and still no joy.

    Can you confirm which plugin you’re using to implement HTTPS?



    Well I have my site urls set as https and also have wordpress https running, maybe I have a setting wrong in there as some pages are definitely not being forced into https.

    I always assumed if you had site urls fixed as https that would force all pages to https on its own?

    Good to hear that you’re using the WordPress HTTPS plugin.

    The problem may lie in you forcing SSL on every page. Within the plugin settings it says:

    Any page that is not secured via Force SSL or URL Filters will be redirected to HTTP.

    Try and un-tick this option and specify the form page in “URL filters” i.e. /contact.

    See if that does the trick.


    Hi Ox,

    sorry for delay, I just checked and that setting is already unchecked. I will try and specify the page as you suggest.

    Thanks for the help

    No worries buddy. If that doesn’t work, I’m not sure what else you can do.

    Best of luck and have a good weekend!


    I was able to get this working by implementing the fix described in this post.

    Essentially, I edited wp-includes/default-constants.php and changed the wp_plugin_directory_constants function as follows:

    function wp_plugin_directory_constants( ) {
            if ( !defined('WP_CONTENT_URL') )
                    define( 'WP_CONTENT_URL', get_option('siteurl') . '/wp-content'); // full url - WP_CONTENT_DIR is defined further up
            if ( !defined('WP_CONTENT_URL') )
                    define( 'WP_CONTENT_URL', site_url( 'wp-content') ); // full url - WP_CONTENT_DIR is define with https or http per connection

    Hopefully this will be helpful to others.

Viewing 12 replies - 1 through 12 (of 12 total)
  • The topic ‘Really simple captcha breaking SSL secure connection’ is closed to new replies.