If an SSL certificate is installed on your site, visitors may receive mixed content warnings from their browsers, if you haven’t secured all the content displayed on a page visited. In this scenario, content that isn’t secured is readable and/or compromised, even if the page itself is encrypted.
These warnings can display the visitors a message of unsafe website. You can prevent this issue by configuring your site to only display secure content.
Mixed Content Scenarios
There are two of “mixed content” scenarios you should know:
• Mixed Active Content (or Mixed Scripting) – In this type of content, the site uses insecure connection to load a script. This type of potentially dangerous content is completely blocked by web browsers.
• Mixed Passive Content (or Mixed Display Content) – In this type of content, the site loads an image or audio file over an insecure connection. Since the content is “passive” (that is, no script or other executable things are included), web browsers won’t strictly block it. But, warnings can get triggered, losing visitor confidence.
Find Mixed Content
You can find mixed content on your site with an easy resource such as Why No Padlock? Just enter the URL of pages receiving content errors and the site will automatically scan for issues.
Why No Padlock? will reveal CSS stylesheets, insecure calls to images, scripts and other resources, identify expired SSL certificates, and more.
Serve All Content via HTTPS
For resolving the mixed content warnings, make sure that all of your content is served over HTTPS connections.
Search your page’s HTML for HTTP elements where the warning occur and delete or switch to HTTPS, if the content is available in a safe form. For switching, simply change the HTTP hyperlink (http://www.somedomain.com/foo.png) to HTTPS (https://www.somedomain.com/foo.png).
If still you find any problems or if you need any help, please raise a support ticket from your MilesWeb Dashboard.