HTTPS Mixed Content Problem With TwentyFourteen Theme

  • user2037

    (@user2037)


    10 years ago

    After adding HTTPS using Cloudflare I noticed that I get mixed content problems. Looking at the source many of the links are not HTTPS. Ideally I’d expect the links to be “//” instead of “https://” or “https://” so that they’d work either way.

    FWIW, my web host is only HTTP and not HTTPS. But I don’t see any reason why it can’t work if the links were made to be security agnostic.

    Anyone know how to resolve this problem?

Viewing 4 replies - 1 through 4 (of 4 total)
  • Pioneer Web Design

    (@swansonphotos)

    You need to use the paid features of CloudFlare for HTTPS sites…

    Thread Starter user2037

    (@user2037)

    Thanks for taking the time to respond, but actually I don’t: https://blog.cloudflare.com/introducing-universal-ssl/

    Pioneer Web Design

    (@swansonphotos)

    Did not know they had rolled that out…but:
    1. You are only encrypting content from CloudFlare to the end users with this, not from your site to CloudFlare. In the article, it notes this and suggests you use an SSL cert. on the site itself.
    2. If you do not, you will need to find out what content is not being cached at CloudFlare. Usually this is external content, such as a Google Font, a YouTube Video, a third party API, Social Media items, etc. Just review all content for https://site.com/ and find where to change that to https://site.com/ (in a theme file, in site content, from a poorly done plugin). You can view each page’s source code and use the browser search function to look for them. If you have hardcoded external URL‘s @ https://site.com/ into content, you can perform a search and replace on the DB using phpMyAdmin (always backup fully your DB prior to any manual work on it).

    It is always OK to be at HTTP and include an external URL at HTTPS, but never the other way around.

    Thread Starter user2037

    (@user2037)

    Unfortunately it turns out WP was getting stuck in an infinite redirect loop. This article’s advice appears to do the trick: https://atechnologyjobisnoexcuse.com/2014/10/redirect-loops-with-ssl-wordpress-and-cloudflare/

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘HTTPS Mixed Content Problem With TwentyFourteen Theme’ is closed to new replies.