Site shows insecure warnings or mixed content due to incomplete HTTPS setup.
HTTPS Not Properly Configured
Key Points: Browser says “Not secure”, padlock missing, or images won’t load due to mixed content.
You enabled HTTPS — great! But now half your site is broken. Images don’t load, browser flashes a warning, and clients wonder if they’re on a fake site. Classic mixed content problem.
🔍 Root Causes
- Site or Home URL still uses
http:// - Hardcoded image or script links in content or theme files
- No redirect from HTTP to HTTPS
🔧 Fix It Fully
- Set HTTPS URLs in
Settings → Generalorwp-config.php - Use a plugin like
Really Simple SSLfor cleanup - Scan content for hardcoded
http://links and update - Add 301 redirect to
.htaccessor server config
🔐 Final Note
SSL is more than a certificate — it’s a full site commitment. One insecure script breaks the whole chain.