2.15.1.2.4. Mixed content
Important points:
- Mixed content is not associated with the SSL certificate used.
- Setting up a redirect to HTTP / HTTPS will not solve the problem of mixed content (since it does not change the protocol in the links on the pages of the site), manipulations with the site itself are necessary.
Pages with mixed content (mixed content) are site pages opened via the HTTPS protocol, some elements of which (for example, styles, scripts, images) are requested via links with the HTTP protocol. The browser marks such pages as unprotected or incompletely protected and may block the loading of such elements. As a result, the site may be displayed or work incorrectly.
You can view information about the presence of mixed content on the current page of the site in developer tools in the browser. The toolbar is opened by pressing the key F12 or a combination Ctrl+Shift+C... Information is displayed in tabs Console and Security:
To fix the situation, you need to replace the HTTP protocol in all links on the site with HTTPS. Depending on the internal structure of the site and the CMS used, different actions may be required:
- Checking the correctness of the SSL settings directly in the CMS used.
- Use of specialized CMS plugins.
- Search and replace the protocol manually in the site files and / or its database.