Fix Mixed Content Warnings and Blocked Content with HTTP/HTTPS Remover

mixed content warning plugin

So you’ve just installed an SSL certificate on your site, and you’re getting mixed content warnings? Noticing Google fonts not embedding, JavaScript files not loading, images missing, and so on? Welcome to another entry in an ongoing topic: why putting a WordPress site under SSL is harder than it should be, and what to do about it—mixed content warning edition.

When a site is under SSL—meaning all its links start with https:// rather than http://—then that site cannot load insecurely referenced resources: files, from any location, that start with http://.

Many resources can be accessed either securely or insecurely: for example, Google Fonts will serve Open Sans at either or But when you then put your site under SSL, those insecure http://-style links all break, and those resources go missing and throw mixed content warnings. In the Chrome Inspector, this issue will produce one error message like the following for each piece of blocked content:

Mixed Content: the page at [page link starting with https://] was loaded over HTTPS, but requested an insecure [filetype][resource link starting with http://]. This request has been blocked; the content must be served over HTTPS.

Now: What to do if there are tons of these bad http://-style links in a third-party plugin? You can’t edit the files directly, unless you want to permanently prevent the plugin updating—and go deep-diving into someone else’s likely questionable plugin code.

That’s where the “HTTP / HTTPS Remover” plugin comes in: it (somehow) fixes mixed content warnings for everything from Google Font embeds to third-party JavaScript files. It turned out to be a lifesaver on a recent project that was being broken by mixed content warnings thanks to careless plugin developers. Should be a great companion with another favorite plugin for SSL-izing a site, WP Force SSL. Give it a try!

Add a comment