This is part two of our SSL information update. Here we are addressing when the code is not addressing the SSL. You can read the first part here, Make your website SSL Certified.
What is Mixed Content?
Mixed content occurs when initial HTML is loaded over a secure HTTPS connection. Both HTTP and HTTPS content are being loaded to display the same page. Resources like images, videos, stylesheets, scripts can be mixing in as an HTTPS webpage loads. Browsers that are SSL certified will still display a Not Secure message because it’s recognizing these not secure sources.
You not only have to have SSL but you have to make sure your code is compliant. For Example:
A typical website page with images could load one image from a secure source (HTTPS), and another image from an insecure source (HTTP). So after installing the SSL certification on your site, this means the code on your website page will have to be scanned to make sure it’s compliant and not loading any of its content from any insecure sources.
For example, this website https://very.badssl.com/ has the SSL certificate but both the image of the dog and the form under it are not using https. This makes Chrome warn you that the site is not fully secure.
Mixed Content degrades the security and user experience of your HTTPS site
Google can lower your website ranking making your website appear at a lower position in a search result. This can also prevent users from visiting your website and using your services. You can read more in The New York Times’ What Chrome Means by ‘Not Secure’ article.
To verify if your code needs to be edited, VND can scan your website -free of charge, contact us for a scanning session