Mixed content – SSL http/https issue

  • Hi All,

    Approximately 2 months ago I installed a SSL certificate on my site, catherinerushforth.com. I changed the site and WordPress URL in the admin area of WordPress to include https:// instead of https://. All was fine.

    Then, about 2 weeks ago I started to have a problem with “Mixed Content” errors on all pages except the main home page. There doesn’t seem to be an issue when viewing the site with Safari but there is a problem with Chrome, Firefox and Internet Explorer. I inspected the Javascript console in Chrome (as an example) and saw multiple “Mixed Content” errors, including:

    Mixed Content: The page at ‘https://catherinerushforth.com/specialist-safeguarding/safer-recruitment-training/’ was loaded over HTTPS, but requested an insecure stylesheet ‘https://catherinerushforth.com/wp-content/themes/x/framework/css/site/stacks/integrity-light.css?ver=4.0.0’. This request has been blocked; the content must be served over HTTPS.

    and,

    Mixed Content: The page at ‘https://catherinerushforth.com/specialist-safeguarding/safer-recruitment-training/’ was loaded over HTTPS, but requested an insecure script ‘https://catherinerushforth.com/wp-includes/js/jquery/jquery.js?ver=1.11.2’. This request has been blocked; the content must be served over HTTPS.

    This is what I have do so far to try and fix these mixed content errors:

    1. Changed https:// to https:// in the WordPress Admin section for the site and WordPress URLs (Settings/General)

    2. I’ve added “define(‘FORCE_SSL_ADMIN’, true);” to the top of the wp-config.php file.

    3. I’ve added the following pieces of code to the .htaccess file:

    RewriteEngine on
RewriteCond %{HTTP_HOST} ^catherinerushforth.com [NC]
RewriteRule ^(.*)$ https://catherinerushforth.com/$1 [L,R=301]

    With this code I get “ERR_TOO_MANY_REDIRECTS”

    4. I’ve also tried the plugin, WordPress HTTPS (SSL).

    None of the above have worked.

    Does anyone know what I am doing wrong and/or have any suggestions as to how I can fixed this issue?

    Many thanks.

    David

    WordPress version: 4.2.2
    Theme: X-theme v.4 (although issue was the same in previous version of this theme)
    Site: catherinerushforth.com

Viewing 7 replies - 1 through 7 (of 7 total)

  • Have you tried clearing your browser cache since you made the changes?

    I didn’t visit every page, but I checked the home page and a few others in Firefox and didn’t get any warnings about mixed content. The links appear to be https, and jQuery is loading via https too, so no error there, so it looks like it’s working for someone who visits the site for the first time.

    Thread Starter spidermonkeydp

    (@spidermonkeydp)

    Hi linux4me2,

    Thank you for you advice.

    Yes, I have cleared the browser cache but it doesn’t make a difference. I’ve tried in both Firefox and Chrome.

    Do you have any other ideas?

    Thanks.

    That’s really weird. If you give me a specific page where you’re getting those warnings, I’ll take a look.

    Thread Starter spidermonkeydp

    (@spidermonkeydp)

    Hi linux4me2,

    That’s kind of you. One of the pages is https://catherinerushforth.com/specialist-safeguarding/designated-lead-person-training/.

    In fact I’m having the problem with every page except the home page.

    Thanks.

    I’m at a loss. That page is working fine for me with no messages like what you’re seeing. If I look at Security messages, all I see is “This site makes use of a SHA-1 Certificate; it’s recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.” That’s not unusual with the less-expensive SSL certificates.

    Have you tried viewing the site from another computer to see if only your machine is affected?

    Thread Starter spidermonkeydp

    (@spidermonkeydp)

    Thanks for having a look and think about this.

    Yes, I’ve tried look at the site from two different computers and at different IP addresses and the mixed content error still persists.

    I’ll keep searching for the issue.

    Thanks for your help. If you do come up with another idea, I’d really appreciate hearing about it.

    Many thanks.

    If you’ve used computers that are running Windows and have viewed the site in its pre-SSL state, you may be just having a cache-clearing issue. Sometimes, Windows versions of browsers don’t seem to obey the Ctrl+F5 and clear cache commands.

    The other thing to check is to look at the source code for a page that’s giving you errors and see if in fact the http rather than the https versions of files are loading. On my machine, I’m really seeing the https versions, which explains why there are no warnings:

    <script type='text/javascript' src='https://catherinerushforth.com/wp-includes/js/jquery/jquery.js?ver=1.11.2'></script>

    and

    <link rel='stylesheet' id='x-gravity-forms-css'  href='https://catherinerushforth.com/wp-content/themes/x/framework/css/site/gravity_forms/integrity-light.css?ver=4.0.0' type='text/css' media='all' />

    Please post if you find a solution.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Mixed content – SSL http/https issue’ is closed to new replies.