⚠️ Mixed Content Warnings and How to Fix Them

After installing an SSL certificate and forcing HTTPS, you might still see browser warnings like “Not Fully Secure” — even if your site loads using https://. This is usually caused by mixed content: when some resources on your site (like images, scripts, or stylesheets) are still being loaded over http:// instead of https://.

Don’t worry — this is a common issue and totally fixable! 💪

🔍 What is Mixed Content? #

Mixed content happens when:

• Your main page loads over https:// ✅
• But some elements (like images, CSS, or JavaScript) still load from http:// ❌

Browsers block or warn users about these elements because they could compromise the security of your site.

🧪 How to Check for Mixed Content #

Here are some easy ways to find out what’s causing the warning:

🧰 Option 1: Use Online Tools #

• Why No Padlock
• SSL Checker
• JitBit SSL Check

🧑‍💻 Option 2: Use Your Browser’s Dev Tools #

1. Open your site in Google Chrome
2. Right-click and choose Inspect
3. Click the Console tab
4. Look for warnings like: “Mixed Content: The page at ‘https://yourdomain.com’ was loaded over HTTPS, but requested an insecure resource…”

These messages will show you exactly which file is causing the issue.

🛠️ How to Fix Mixed Content #

🖼️ 1. Update Links in Your Website Code #

Go through your website’s HTML, CSS, or JavaScript and:

• Change all http:// links to https://
• For images, scripts, fonts, videos, and stylesheets

If you’re using a CMS like WordPress, these may be stored in theme files or page builder content.

🌐 2. Use a Plugin (for WordPress Users) #

The easiest way to clean up mixed content in WordPress is with a plugin:

• 🔌 Install Really Simple SSL
• 🔄 It will automatically scan your content and fix most mixed content issues
• 🧽 For deeper cleaning, try Better Search Replace to update URLs in your database

🧾 3. Update Your Site Database (Advanced) #

If your old site content still includes http:// links (especially for images or media), you can:

1. Use phpMyAdmin in cPanel
2. Search for http://yourdomain.com
3. Replace it with https://yourdomain.com

⚠️ Backup your database before making changes!

📄 4. Check Your Themes, Plugins, and Widgets #

Some themes or plugins hard-code http:// links. You may need to:

• Contact the theme/plugin developer
• Manually update code files in your theme folder
• Remove and re-add widgets with updated URLs

📦 Bonus Tip: Use Relative URLs (Optional for Developers) #

Using relative URLs (like /images/logo.png) instead of absolute URLs (http://yourdomain.com/images/logo.png) helps avoid mixed content across different environments.

✅ Final Checks #

After making changes:

• Clear your site cache and browser cache
• Re-scan your site using Why No Padlock
• Confirm the padlock icon 🔒 appears in your browser address bar

🆘 Need Help Fixing Mixed Content? #

If you’re not comfortable editing code or still seeing warnings, the Ozzietel team is here to help:

• 💬 Live Chat: ozzietel.au/contact-us
• 📞 Phone: 02 8328 1099
• 📧 Email: support@ozzietel.com.au