Mixed Content; Injecting 5 http:// image links, not in source code

We have set up https://alexeagle.co.uk/ and it is running using SSL: FULL, Always Use HTTPS is set to YES, Automatic HTTPS Rewrites is ACTIVATED.

We are on Wordpress and have installed plugins:
Really Simple SSL
SSL Insecure Content Fixer

Hosting is Digital Ocean.

Wordpress access is showing up as https without any issues when logged in to the CMS.

For some reason when navigating to https://alexeagle.co.uk/ (and all pages) we are getting the error “Your connection to this site is not fully secure”. After inspecting using debugger under console it shows 5 images with http; URLs.

We’ve searched the source code and cannot find any reference to the 5 images found under the Console.

Has anyone got any ideas/Can help?

Thanks, Jamie

Check out

https://alexeagle.co.uk/wp-content/themes/The-Stores/js/thestores.js
https://alexeagle.co.uk/wp-content/themes/The-Stores/js/thestores-3.js
1 Like

Thanks so much. I can see the files clearly and have updated them. All working as expected now.
Quick question: how did you know to check these files?

Thanks again, Jamie

The usual, developer tools.

You are way better at that than the average bear @sandro :smiley:

2 Likes

When it comes to broken TLS I am like a shark. I can smell it from miles away :wink:

This topic was automatically closed after 30 days. New replies are no longer allowed.