i have been using the cloudflare ssl for years now and its been working fine until yesterday, i started seeing my website Showing the “Your connection to this site is not fully secure” at the address bar. (all option is enabled i.e the Https rewrites, Always use https etc)
I am using the ssl Full strict from the cloudflare. I have tried to use other options e.g Full, flexible but its still same. (I have cleared cache severally)
i also ordered for a new certificate and i copied and pasted the private key and the origin server key to my control panel, in which ive waited for 24 hours and its still same. i didnt do any recent changes to my website. i want to know what is causing this? Please help
It’s definitely Mixed Content. My favorite WordPress headers plugin is https://wordpress.org/plugins/http-headers/
In its Security section you can add a Content Security Policy with the “upgrade insecure requests” option.
You can fix mixed content by making sure your website is 100% HTTPS. That means the server has an SSL certificate, and you’ve gone through the database to make sure all URLs for your site assets have HTTPS, and Settings -> General shows HTTPS for your domain URLs.