What has happened is that if a web page has any local content that is insecure within it, the browser raises an alarm to alert the user. Unfortunately, many a good site has been caught up in this mess. it will even declare a site as “Unsafe” if it has image links that are insecure. Many of these sites simply have badge icons to reflect affiliations. For instance:
The “Manta” badge icon might be displayed as an image link : http://www.manta.com/manta/images/mantaBadge_sm.png and a Facebook icon might be displayed like this: http://en.facebookbrand.com/assets/f-logo
The SSLTOOLS website is a good place to check for insecure content that might upset a web browser: http://www.ssltools.com/.
I have developed this site in WordPress and after changing the site to use SSL, I had trouble because not all local site content was converted to use SSL. For example, I had issues with:
http://www.jaredsec.com/wp-content/themes/notes/themify/img/social/google-plus.png http://www.jaredsec.com/wp-content/themes/notes/themify/img/social/twitter.png http://www.jaredsec.com/wp-content/themes/notes/themify/img/social/facebook.png http://www.jaredsec.com/wp-content/themes/notes/themify/img/social/youtube.png http://www.jaredsec.com/wp-content/themes/notes/themify/img/social/pinterest.png http://www.jaredsec.com/wp-content/themes/notes/skins/orange/style.css
When I dumped the SQL database, I found a multitude of problems; nothing with WordPress Core, but plugin-related links. To solve the problem in one fell swoop, I used four steps:
- Dump the SQL database to a file
mysqldump –user=DBUSER –password=DBUSERPASS DBNAME > FILENAME.sql - Backup the SQL database file, just in case
cp FILENAME.sql FILENAME.bak
- Replace site-related http strings with https in the file
sed -i -e ‘s/http://www.DOMAIN_NO_TLD/https://www.DOMAIN_NO_TLD/g’ FILENAME.sql - Load the file back into MySQL
mysql –user=DBUSER –password=DBUSERPASS DBNAME < FILENAME.sql
When it was all done, I did have a few small problems with my theme, but nothing that affected content at all. No more browser warnings!