Free SEO by IBS Group
Medium impactSecurity

Mixed Content Warnings

HTTP resources on HTTPS pages trigger browser warnings and break trust. Here's how to find and fix them all.

What it means

An HTTPS page loads images, scripts, or iframes over insecure HTTP.

Why it matters

Browsers block or warn about mixed content, breaking layouts and showing the dreaded "Not Secure" badge.

How to fix it

  1. Audit page source for http:// URLs.
  2. Update all asset URLs to https:// (or protocol-relative //).
  3. Add Content-Security-Policy: upgrade-insecure-requests as a transition aid.

Find this issue on your site automatically

FreeSEO scans for mixed content warnings and 140+ other issues, free, no signup.

Run a free scan Explore all free SEO tools

Frequently asked questions

Why does Chrome block some mixed content?

Active mixed content (scripts, iframes) is blocked by default. Passive (images) gets a warning.

Related issues

Site Serves HTTP Instead of HTTPS
HTTPS has been a Google ranking signal since 2014. Here's how to migrate fully and avoid mixed content.