Unable to Fix Mixed Content Issues

I have tried several things to get rid of mixed content issues on my website (https://www.millworksconstructionservices.com/), but can’t find where those links are to be able to update them. Any thoughts?

Things I’ve Tried

  • Better Search and Replace
  • Real Simple SSL
  • Looking Through My Theme Files and Doing a Search Through the Code
  • Remove the Image and Add Them Back
  • 301 Redirect the HTTP URL to HTTPS
  • Remove Images Altogether
  • Chased My Tail All Darn Day

Have you used developer tools to see exactly what is loading insecurely?

If not, you can use a tool like this:

https://www.whynopadlock.com/results/1508b9d7-fc3d-4b69-a4c6-4521018c9dba

Have you also tried all the steps here?

Personally, for WordPress, I like the plugin Real-Time Find and Replace, it can be a bit hands on with fixing the mixed content though!!

My surefire go-to is to put this in .htaccess:
Header always set Content-Security-Policy: upgrade-insecure-requests

4 Likes

You could just search your MySQL database for the 6 URLs with http://www.millworksconstructionservices.com/ then add the s.

The images are being invoked by this style.css file:

https://www.millworksconstructionservices.com/wp-content/uploads/cherry-css/style.css?ver=1552000045

And they have paths leading to the theme:

background:url(http://www.millworksconstructionservices.com/wp-content/themes/theme57738/images/false_button.png) 0 0 repeat;

I’d check the child theme’s style.css file. If you don’t have a child theme, create one and edit the style.css to copy the relevant parts, replacing with https://.

I wonder if Automatic HTTPS Rewrites on the SSL/TLS app wouldn’t have avoided this.

1 Like

If I could share a GIF here, it would be the guy banging his head on a desk. Yep, that was easy enough - thank you!

4 Likes

Yep, went through all of that too, but still couldn’t find anything to get rid of these last remaining 5 URLs, but @sdayman’s response did the trick!

2 Likes

I tried that too - they’re not pulling up! I have no idea what is going on. Thanks for the tip, though!

YES!!! There they are - geez! Thank you so much!!!

2 Likes

And I did this too: “I wonder if Automatic HTTPS Rewrites on the SSL/TLS app wouldn’t have avoided this.” I’m not sure why those few weren’t caught, but life is good now, so thank you for the help!!!

1 Like

Because this works in HTML pages only, won’t parse JS and CSS as far as I know.

2 Likes

This topic was automatically closed after 14 days. New replies are no longer allowed.