Fix Insecure WordPress Content Quickly With These Tools And Everything Worth Knowing About SSL Including Its Hackability
Before we jump into fixing any insecure content, you may want to glance over our Guide To All Things SSL for reference.
Purchasing the installing the SSL certificate is the first step to secure your WordPress site. Let’s assume you already did it. Unfortunately, in order to change the HTTP in a user’s browser to HTTPS can be more complicated than a simple certificate install. Everything on the page must be equally secure. If the lock on your SSL cert refuses to lock, you most likely have some insecure content.
Once your website has an active SSL certificate, all pages and posts should load with the HTTPS protocol. That’s the way it’s supposed to work, at least and most likely what you’re expecting. But if your website included any insecure content, it will load through HTTP by default and your users will see the following message, defeating their trust and confidence in your site:
What Exactly Is Insecure Content?
Insecure content isn’t as nefarious as it sounds. In reality, it’s usually related to your website’s coding and has nothing to do with your SSL certificate. The insecure content was already there before you installed the SSL.
Essentially, you’re looking for that one or couple pieces of content that is getting downloaded onto the page without HTTPS.
- What elements or content are hosted on a third-party site that is not using HTTPS?
- Is the SSL certificate of any third-party sites providing content (images, video, etc.) expired or invalid?
Mixed content – a page with secure and insecure content – is by definition not secure and cannot be browser locked. That’s going to cost you some trust and visitor confidence, so it’s important to track down the insecure content sources.
How To Locate and Fix Insecure Content
Thankfully these days we have a few advanced tools we can use to alleviate our frustrations of manually discovering the root cause of insecure content.
This handy free tool will automatically scan your site and check for any insecure content along with any potential HTTPS migration issues.
Catchy name that tells you everything you need to know. Enter your URL and the tool finds any insecure items on your site.
Once you’ve identified the insecure content, you can fix the issues.
Install the free SSL Insecure Content Fixer plugin for WordPress. The plugin corrects most mixed content warnings automatically. For more complicated issues, the plugin will provide helpful guidance.
Delete the insecure content from your site or re-upload the content, if licensing allows, directly to your site.
Use a reverse search to locate a secure site with the same or similar content and replace the link.
Dealing with insecure content on your WordPress site after you’ve bought and installed a SSL certificate can be frustrating. Luckily, thanks to a helpful plugin and free scanning services it’s never been easier to locate insecure content and fix it to win back that coveted browser lock.
The most important thing is not to procrastinate. Deal with the mixed content issue as soon as you discover it. Every additional hour that goes by is another hour your website visitors will see that embarrassing error message letting them know your site isn’t secure and shouldn’t be fully trusted.
Everyone who is selling something could use a strong info-product to compliment their brand and boost engagement. Whether you charge for it upfront or not is irrelevant. I’ve put together my 18 step cheat sheet for creating awesome products. Keep Learning >
Divi and Elementor are popular WordPress visual page builder plugins for a reason, but which is best for your needs? Let’s examine the similarities, differences, strengths, weaknesses and pricing to answer that question. Keep Learning >