Seeing a mixed content error on your WordPress site can be frustrating, but don’t worry, you’re not alone! This happens when some parts of your site load over HTTP instead of HTTPS, causing security warnings.
If you don’t fix it, your site’s security, SEO, and user trust can take a hit. But the good thing is that fixing WordPress mixed content errors isn’t too hard!
In this guide, we’ll explain what causes this issue, how to find it, and, most importantly, how to fix it, manually or with plugins. By the end, your site will be fully secure and running smoothly!
What Are WordPress Mixed Content Errors?
A mixed content error happens when your WordPress site loads both HTTPS and HTTP elements at the same time. This usually occurs when some images, scripts, or stylesheets still use old HTTP links instead of secure HTTPS ones. It often happens after installing an SSL certificate but forgetting to update all site links.
So, what’s the difference between HTTP and HTTPS? Simply put, HTTPS is secure, while HTTP isn’t. Websites using HTTP don’t encrypt data, making them vulnerable to hackers. HTTPS protects users' information and boosts search rankings.
Ignoring this issue can hurt your site’s security and performance. Visitors might see browser warnings, making them leave your site. It also affects SEO since search engines prefer secure websites. That’s why it’s crucial to act quickly and remove WordPress malware to protect your site and maintain trust with your audience.
How To Check For Mixed Content Errors?
Before applying a WordPress mixed content error fix, you first need to find the problem. The easiest way is by using your browser’s developer tools. In Chrome, right-click anywhere on your site, select Inspect, and then go to the Console tab. If there’s a mixed content error, you’ll see a warning in red, showing which files are causing the issue. Firefox has a similar tool.
Another way is by using online tools like Why No Padlock? or SSL Checker, which scans your site for insecure content. These tools highlight any HTTP elements that need fixing.
You can also check using WordPress plugins like Really Simple SSL or SSL Insecure Content Fixer. These plugins scan your site and automatically correct insecure links.
Once you’ve found the errors, it’s time to fix them hence, in the next section, we’ll go over manual and plugin-based solutions to get your site fully secured.
Fixing Mixed Content Errors Manually
If you’ve found a mixed content error on your site, don’t worry! A WordPress mixed content error fix is easier than it sounds.
You just need to update all HTTP links to HTTPS. Let’s go through each step one by one.
1. Update URLs in WordPress Settings
Sometimes, the issue starts in your WordPress settings. To check:
- Log in to your WordPress dashboard.
- Go to Settings General.
- Look for the WordPress Address (URL) and Site Address (URL).
- If they start with http://, change them to https://.
- Click Save Changes.
This simple step fixes many mixed content errors. But if you still see issues, you’ll need to update other parts of your site.
2. Fix URLs in Theme Files and Templates
If your theme’s code includes hardcoded HTTP links, you’ll need to update them manually. Here’s how:
- Go to Appearance Theme File Editor in WordPress.
- Open header.php, footer.php, and functions.php files.
- Look for any http:// links (such as images, fonts, or scripts).
- Change them to https://.
- Click Update File to save changes.
If you’re using a child theme, make sure to update the files there too.
3. Update Content and Media Links
Old blog posts or pages may still have HTTP images, scripts, or stylesheets. You can fix this in two ways:
Manual Fix:
- Go to your WordPress editor and check images, links, and embedded content.
- If you see http://, update it to https://.
- Save the changes.
Bulk Fix Using a Plugin:
- Install and activate the Better Search Replace plugin.
- Go to Tools Better Search Replace.
- In the Search for box, type http://yourwebsite.com.
- In the Replace with box, type https://yourwebsite.com.
- Select all database tables and run the search-replace process.
This will automatically update all URLs across your site.
4. Updating Database URLs Using phpMyAdmin
If the above steps don’t work, you may need to update URLs directly in your database.
- Log in to your hosting account and open phpMyAdmin.
- Select your WordPress database
- Then, click on SQL and run this query:
UPDATE wp_posts SET post_content = REPLACE(post_content, 'http://yourwebsite.com', 'https://yourwebsite.com')
4. Click Go to run the query.
This updates all old HTTP links in your content.
5. Clear Cache
After making these changes, clear your browser cache and WordPress cache if you’re using a caching plugin. Then, refresh your site to check if the WordPress mixed content error fix worked.
Fixing Mixed Content Errors With Plugins
If manually fixing mixed content errors sounds complicated, don’t worry! You can use WordPress plugins to make the process much easier.
These plugins automatically update HTTP links to HTTPS, helping you apply a WordPress mixed content error fix without editing code. Let’s look at some of the best options and how to configure them properly.
Really Simple SSL
Really Simple SSL is one of the easiest ways to fix mixed content errors. It automatically detects HTTP links and updates them to HTTPS. Here’s how to set it up:
- Install and activate the Really Simple SSL plugin.
- Go to Settings SSL in your WordPress dashboard.
- The plugin will detect your SSL certificate and suggest enabling HTTPS. Click Activate SSL.
- Clear your browser and WordPress cache, then reload your site.
That’s it! The plugin automatically redirects HTTP links to HTTPS, fixing most mixed content issues.
Better Search Replace
If you have many HTTP links in your database, Better Search Replace helps update them in bulk. Here’s how to use it:
- Install and activate Better Search Replace.
- Go to Tools Better Search Replace.
- In the Search for box, type http://yourwebsite.com.
- In the Replace with box, type https://yourwebsite.com.
- Select all database tables, then check the Run as dry run? box to preview changes.
- If everything looks good, uncheck the dry run and run the process.
This updates all old HTTP links in your content, fixing mixed content errors.
SSL Insecure Content Fixer
SSL Insecure Content Fixer is another great plugin that scans and fixes HTTP elements automatically. It works well for themes and plugins that still load insecure resources. However, sometimes fixing these issues can reveal WordPress theme conflict issues, especially if your theme isn’t fully compatible with the latest plugins or WordPress updates. Identifying and resolving these conflicts early ensures your site remains stable and secure.
Here’s how to set it up:
- Install and activate SSL Insecure Content Fixer.
- Go to Settings SSL Insecure Content Fixer.
- Choose a fix level:
- Simple: Basic fixes for most sites.
- Content: Fixes images, scripts, and stylesheets.
- Widgets: Fixes content inside widgets.
- Capture: This fixes all content but may slow down your site.
Click on Save Changes and refresh your site.
For most users, the Content level works best. If some errors remain, try Widgets or Capture mode.
After setting up these plugins, clear your cache and reload your site. Then, check your browser’s Console (Inspect Console) to see if the WordPress mixed content error fix worked.
If errors persist, you may need to manually update some files. But for most sites, these plugins should work.
Conclusion
Fixing a WordPress mixed content error fix may seem tricky, but by following the right steps, you can get your site running smoothly again. First, check for mixed content errors using browser tools or plugins.
Then, update HTTP URLs to HTTPS in your settings, database, and CDN. And, don’t forget that you can also use plugins like Really Simple SSL or fix them manually.
