"Secure page with unsecured content" message explained


This all comes down to the difference between HTTP and HTTPS. HTTP is the most commonly used type of connection, when you visit a website using the HTTP protocol, your connection to the website isn"t secured. Anyone eavesdropping on the traffic can see the page youíre viewing and any data you"re sending back and forth.


Thatís why we have HTTPS, which is literally "HTTP Secure." HTTPS creates a secure connection between you and the web server. The connection is encrypted and authenticated, so no one can snoop on your traffic and you have some assurance you"re connected to the correct website. This is extremely important for securing account passwords and online payment data, ensuring no one can eavesdrop on them.


Mixed content warnings indicate a problem with a web page you"re accessing over HTTPS. The HTTPS connection should be secure, but the web page"s source code is pulling in other resources with the insecure HTTP protocol, not HTTPS. Your web browser"s address bar will say you"re connected with HTTPS, but the page is also loading resources with the insecure HTTP protocol in the background. To ensure you know that the web page you"re using isn"t completely secure, HTTPSpatrol will display a friendly notification saying that the page has both HTTPS and HTTP content, mixed content, in other words.

A great video and explanation of mixed content can be found here https://youtu.be/CSmacMZ0xZo

If you are a website owner and would like to know how to reslove mixed content


The best strategy to avoid mixed content blocking is to serve all the content as HTTPS instead of HTTP. This means to serve all content as HTTPS and fix your links.  Often, the HTTPS version of the content already exists and this just requires adding an "s" to links - http:// to https://

Copyright © 2018, Darren A Edwards, httpspatrol.com