Fixing WordPress Insecure / Mixed Content in Posts

You’ve installed your shiny new SSL Certificiate (about time!) and you’re website is not showing the widely recognized green safety seal of a nice secure padlock made of grass or jade or something,

As you are already aware that, you’re doing your users a disservice, damaging Google Rankings andand in some cases you’re website may just not load any CSS… this article however focuses on the 1 simple issue of the post content, are your blog posts linking to insecure or http links internally? – are you having broken images because they are coming in via insecure streams? if so there is a quick and simple fix in SQL,

 

The end result is this – lovely green padlocks on your Website,

Brower Green Bars and Padlocks

As always, backup your database first – or at the very least do an export before tamping with SQL commands if you really don’t know what you should be doing,

Login to your hosting provider and fire up PHPMyAdmin or whatever Database utility you may need, I saw this used once as a plugin – Search and Replace which could be useful from within wordpress itself,

Now you’re in PHPMyAdmin – click over to the Database and expand it out (+), locate the table called ‘??_posts’ and select it.

At the top you can click the ‘SQL’ button and copy the following from below, replacing your.domain.name with you’re actual domain name.

UPDATE wp_posts SET post_content = replace(post_content, ‘http://your.domain.name’, ‘https://your.domain.name’);

As a side note, ensure you always reference your own domain – changing any http:// to https:// and you’ll be asking for trouble with any external images (bad idea anyway) or links to other websites who may still surprisingly not yet have SSL enabled,

Please take note, there are many factors surrounding a green SSL icon in the browsers with some being more strict than others. This isn’t a one stop solution, all plugins, css, slider images and such must be loaded over a secure channel – the best practice would be to hardcode all linked content to <a href=”//your.domain.name”></a> as this will automagically choose the correct schema, while reducing any unnecessary plugins loading insecure content, I may post another article around the other parts of WordPress you need to focus on fixing, but for now.. this’ll do!

 

Comments are closed