Help Centre

Support > Security & Compliance > SSL Certificates

How To Find And Fix Insecure Content Using SSL

If you are using SSL it’s important to pay attention to your website pages and ensure that all your content is served via a secure connection. Here are some tips on what to do if you find any “mixed content" or "insecure content” errors and how to fix them.

What is mixed content and how do these errors arise?

When you visit a website which is fully SSL encrypted, you’re accessing the content over https:// and your internet browser is aware of this.

If any of your content is being served via a non https:// URL, your browser will pick up on this. Depending on the internet browser this can result in an “insecure content” warning for example, or the content could be blocked altogether.

How can I investigate mixed or insecure content errors?

If you think you may have content on a page of yours that is being blocked or bringing up certificate warnings, use the steps below for a handy trick on locating that mixed content. Google Chrome makes it really easy to do this, however most modern browsers will have the same tools.

  1. Access your live website
  2. In the top right-hand corner of the browser click the browser menu (often looks like three lines)
  3. Click "More Tools"
  4. Click "Developer Tools"
  5. A new menu will now open
  6. Using either the top menu bar on this page, or the bottom one, locate the “Console” tab

As an alternative to the steps above you can also access the Console area by right clicking the page > click "Inspect Element > click "Console".

This Console area will display any insecure or non https:// content via mixed content errors or warnings. 

I've found an error - how do I fix the content?

For an idea on the type of content that could be causing an error take a look at our guide "How To Ensure Your Website Content Is Secure". With this in mind, look at a specific error using the steps above.

The error might read something like:

"Mixed Content: the page at https://yourdomainname.co.uk/page.html was loaded over HTTPS, but requested an insecure image http://yourdomainname.co.uk/page/image.jpg"

In this case it will be an image that is causing the error, due to it being loaded via http:// instead of https://. If you click on the second URL (the http:// one), it will show you the insecure content.

Fixing the content will depend on the error shown. If the content, such as an image, is hosted externally we recommend adding the image to your Create account and replacing it on the page. However, using the tips in the above mentioned guide, you can determine how to update the content to be secure.

More Questions?

If you have any further questions, please get in touch and we will be happy to help.

Get in Touch