This means that the URL in question is loaded over a secure HTTPS protocol, but some other resources (such as images, videos, stylesheets, scripts) are loaded over an insecure HTTP connection.
This is called mixed content because both HTTP and HTTPS content are being loaded to display the same page, and the initial request was secure over HTTPS. Mixed content degrades the security and user experience of your HTTPS site.
Requesting subresources using the insecure HTTP protocol weakens the security of the entire page, as these requests are vulnerable to man-in-the-middle attacks, where an attacker eavesdrops on a network connection and views or modifies the communication between two parties. Using these resources, an attacker can often take complete control over the page, not just the compromised resource.
This Hint will trigger for any internal HTTPS URL which includes resource links to any HTTP URL, where 'resource links' are considered to be anything that renders a URI;
Consider the URL: https://example.com/page-a
The Hint would trigger for this URL if it contained even a single resource link to an internal HTTP URL. Any of the options below would trigger it:
JavaScript resource link is HTTP:
<script src='http://httpbin.org/tracker.min.js' type='text/javascript' async='async'></script>
CSS resource link is HTTP:
<link rel='stylesheet' href='http://httpbin.org/Assets/Css/below-fold.css?v=17'>
Image resource src is HTTP:
<img src='http://httpbin.org/image' />
This Hint is marked 'Critical' as it represents a fundamentally breaking issue, which may have a serious adverse impact upon organic search traffic. It is strongly recommended that Critical issues are dealt with as a matter of high priority.
You need to only use https:// URLs when loading resources on your page. For each URL that loads HTTP resources, update the link references to point to the HTTPS counterparts.
In some cases, you may find that the resources in question are not available over HTTPS, in which case seek to do one of the following:
Find, fix and communicate technical issues with easy visuals, in-depth insights, & prioritized recommendations across 300+ SEO issues.
Get all the capability of Sitebulb Desktop, accessible via your web browser. Crawl at scale without project, crawl credit, or machine limits.