The error message “Mixed Content,” occurs when a webpage served over HTTPS tries to load resources such as images, scripts, or stylesheets over insecure HTTP connections. This creates a security risk, as the insecure content could be tampered with. Modern browsers block such mixed content to maintain the security of HTTPS connections. This mixed content error is a common WordPress error.
Example of the error message
Mixed Content: The page at 'https://domain.com/' was loaded over HTTPS, but requested an insecure script 'http://domain.com/'. This request has been blocked; the content must be served over HTTPS.
How to fix the WordPress mixed content error
Solution #1 – Use a plugin
You can install an HTTPS/SSL plugin (e.g. SSL Insecure Content Fixer) to fix the mixed content warning.
About the SSL Insecure Content Fixer plugin
SSL Insecure Content Fixer cleans up the WordPress website’s HTTPS insecure content and mixed content warnings. When you install SSL Insecure Content Fixer, its default settings are activated and it will automatically perform some basic fixes on your website using the Simple fix level. You can select more comprehensive fix levels as needed by your website.
Solution #2 – Update URLs
To resolve this issue in WordPress please ensure that all resources, including images, are loaded over HTTPS.
Update image URLs
Log in to your WordPress dashboard and go to the Media Library (Media > Library). Look for the reported image, and click on it to edit its details. Ensure that the image URL starts with https:// instead of http://. Update the URL accordingly and save your changes.
Update image references in content
If you’ve directly referenced this image in your posts, pages or articles, you’ll need to update those references as well. Edit the content where the image is used and replace any occurrences of http://domain with https://domain.
Update theme options
If you’ve image references in the header, footer, widgets, or custom CSS section, you’ll need to update those references as well.