OK, so, you have an SSL (Secure Sockets Layer) certificate for your business website, but users are still getting that red warning message your site is not safe. This is occurring because your mixed content – images, links, videos – are not meeting the new HTTPS requirements. In order to get that green lock icon in the URL bar, you’ll need to get your mixed content HTTPS compliant.

What is Mixed Content?

Video and JavaScript are examples of mixed content that are on a page loaded over a non-secure HTTP connection, although it is being called up from a secure HTTPS connection. The content is being loaded through the HTTP (Hypertext Transfer Protocol) because it is not SSL certified. As a result, the website is deemed not secure.

All sources of content must be SSL certified in order to be HTTPS compliant. Browsers, such as Google Chrome, will alert the user to any content from a sub-resource that violates the SSL certification. The user would see “Only secure content is displayed.”

Beginning July 1, Google Chrome will require all websites to be HTTPS compliant. If there is any content not meeting the protocol, visitors will see a red warning message of a non-secure site.

Some browsers will block all mixed content on a page even if some is compliant.  To the visitor, it would appear there is a security issue with the website who would likely click out, leading to the loss of a potential customer or client.

Fixing Mixed Content Issues

This can be time consuming and is best left for a marketing agency to review all your content sources and make them compliant. Content must be tracked and each piece that violates the HTTPS requirements must have its code changed so it will load over the secure, encrypted HTTPS connection.

The “HTTPS” must precede the URL of each resource in order to be compliant. Content not loading properly on a website means it’s not meeting the HTTPS requirements. Each video, link, or script must be SSL certified.

A resource not meeting the HTTPS protocols should be removed from the site and served directly by your host. If a resource is not loading properly, a different host that supports HTTPS and has an SSL certificate must be used.

As you can see, getting a website and its content HTTPS compliant requires expertise. There are many pieces that need to be reviewed and in some cases, re-coded, to meet the new protocols.

 

Why is HTTPS Important?

A HTTPS connection protects the website and the user from “middle man” attacks. A non-secure connection is open to hackers who can change content such as images or redirect a visitor to an imposter site. Hackers can also intercept requests from visitors and interject malicious code that can lead to phishing, stealing data from the visitor and installing malware through the site’s plugins.

Related Article: Is Your Website Ready for HTTPS?

 

It’s All About that Green Padlock

A green padlock icon in the URL and the HTTPS letters assures visitors the website is secure. In today’s digital world of cyberattacks and identity theft, website visitors will be looking for that green padlock.

 

Get Your Website Secure

Let Metro Annex Interactive get your website HTTPS compliant. We will perform a free audit/report and present a snapshot of your website’s current status.

We can address any HTTPS compliance issues, obtain, and install your SSL certificate. Let’s get that green padlock for your business website!