How To Fix Mixed Content

Mixed Content

Mixed Content can be a negative factor for SEO rankings It also can theoretically be read or modified by attackers, even though the parent page is served over HTTPs. This will cause a warning message to appear in most browsers. Website visitors will either pay no attention to the warning or they will navigate away from your site and presume that you have not paid the proper attention to the security risks.

The best solution, of course, is to make sure that these by correctly configuring your site to serve only secure content. A mixed content warning means that there are both secured and unsecured elements being served up on a page that should be completely encrypted.

Types of Mixed Content

There are actually two types of mixed content. The most common is “mixed passive content” or “mixed display content.” This occurs when an HTTPS site loads something like an image or audio file over an HTTP connection. This type of content does not actually ruin the security of the page, but it’s still a bad security practice.. The most common cause of all mixed content warnings is caused when a site that is supposed to be secure is configured to pull images from an unsecured source.

The more dangerous type of mixed content is “mixed active content” or “mixed scripting.” This occurs when an HTTPS site loads a script file over HTTP. Loading a script over an insecure connection completely ruins the security of the current page. Web browsers generally block this type of mixed content completely.

Finding Mixed Content Issues

The best way to avoid mixed content issues is to serve all content via HTTPS instead of HTTP. You can easily search for mixed content by searching for HTTP elements directly via your source code.

  1. Open the source code of any page
  2. Using a search function search for “src=http” look for resources such as images, JavaScript, and links that are being called over a non-secure (HTTP) connection.

Fixing Mixed Content

You’ll first want to check if the resource is available over an HTTPS connection by copying and pasting the HTTP URL into a new web browser and changing HTTP to HTTPS. If the resource (i.e. image, URL) is available over HTTPs then you can simply change HTTP to HTTPS in your source code.

Conclusion

The main thing is to make sure you are hosting all images, videos, audio files and resources on a secure source. Links can be easily found using Google Webmaster Tools or an SEO platform like SEM Rush. It is best to remember that security is first, but user experience is a close second to any website designed to convert website visitors into customers.

Eric Van Cleave is CEO of Zenergy Works, A Santa Rosa, California based SEO and Website Development Firm.

Comments are closed.