How to Fix Mixed Content Warnings (HTTP/HTTPS)

After enabling HTTPS, you may still see a broken padlock or a browser warning that says "Not Secure" on some pages. This is caused by mixed content - when a page is loaded over HTTPS but some resources (like images, scripts, or stylesheets) are still referenced using http:// links.

How to Find Mixed Content

• Open your browser's Developer Tools (press F12), go to the Console tab, and look for warnings mentioning mixed content or blocked resources.
• Use an online tool like Why No Padlock or SSL Shopper's SSL Checker to scan your page.

How to Fix Mixed Content

For WordPress Sites

The easiest solution is the Really Simple SSL plugin, which automatically rewrites http:// URLs to https:// across your site. Alternatively, use the Better Search Replace plugin to do a database-level find-and-replace, changing all http://yourdomain.com references to https://yourdomain.com.

For Non-WordPress Sites

1. Audit your HTML, CSS, and JavaScript files for any hardcoded http:// URLs.
2. Replace them with https:// or use protocol-relative URLs (starting with //).
3. If you embed third-party content (maps, fonts, scripts), ensure those sources also support HTTPS.

After Fixing

Clear your browser cache and reload your page to confirm the padlock is solid and no mixed content warnings remain. If you need a hand tracking down the source of the warnings, contact our support team.