Classic http / https mismatch error

mbswann · August 21, 2020, 6:05pm

I have the same problem as many of where I’m getting that classic http/https mismatch error. I have no idea how this happened considering I haven’t touched my website in months…

I tried updating the URL within settings>general both sections to “https” and getting the latest version of Wordpress and Pro with no success.

I tried following the “Warnings in the Building” article and still cannot find out why its not working.

I also tried the advice below but am having now luck…

Thanks for writing in! This would likely to happen if you have use an SSL plugin. Please go to the settings, Settings > General and make sure that the site url and wordpress address URL is using https .

You may also install Better Search and Replace plugin and do a search for http://example.com and replace it with https://example.com

I ended up reverting my site to a past version (before I changed everything stated above) but I kept the latest Wordpress and Pro version… Can you help me please? I just want to edit my website. Thank you.

prakash_s · August 21, 2020, 9:27pm

Hello @maxwellbronson

Thanks for writing to us

Please have a look at this article to learn more about how to properly fix the HTTP / HTTP mismatch issue https://www.wpbeginner.com/plugins/how-to-fix-the-mixed-content-error-in-wordpress-step-by-step/
Please take a full backup of your website before performing these steps.

Thanks

mbswann · August 23, 2020, 4:58pm

Hi @PrakashS that link was very helpful. I was able to install SSL and now my site builder works.

After getting SSL installed, the SSL team told me the following:

03:35 Andrey Zhivotovskiy: I have found some insecure content on your website wolfmoonplanner.com which causes the warnings in browsers.
03:35 Andrey Zhivotovskiy: A mixed content warning means that both secured and unsecured elements (such as images, videos, stylesheets, scripts) are being loaded on a page that should be completely encrypted. Any page using an HTTPS address must have all content coming from a secured source. Any page that links to an HTTP resource is considered insecure and is flagged by your browser as a security risk.
03:35 Andrey Zhivotovskiy: The issue can be fixed by adding the following header to the .htaccess file located in the document root folder associated with the domain name:
Header set Content-Security-Policy: upgrade-insecure-requests

Any idea if this type of edit is necessary? I’m not sure how to do this nor if I need to. I’m not seeing any ‘warnings’. Thanks!

ruenel · August 23, 2020, 9:39pm

Hello Maxwell,

The search and replace steps that has been made already resolves the issue. That is why we can no longer see any warning messages about mixed contents in the console. It seems that you are all good to go.

Cheers.

mbswann · August 24, 2020, 2:01pm

Perfect. Thanks!

christian · August 24, 2020, 3:12pm

You’re welcome, @maxwellbronson.

system · September 3, 2020, 3:12pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.