Request a Website Audit to Get Your Marketing on the Right Track! Get Started ->

Web Savvy Marketing

We are web designers, SEO consultants, bloggers, social media enthusiasts, and WordPress experts all rolled up into one.

  • Home
  • Our Agency
    • Industries We Serve
    • Sample Client List
    • Testimonials
    • Charitable Contributions
    • Events and Community Involvement
  • Website Design
  • SEO Consulting
  • Blog
    • Search Engine Optimization Articles
    • Website Development Articles
    • WordPress Articles
  • Contact

10.06.19 Search Engine Optimization

Chrome to Begin Blocking Web Page Elements With Mixed Content

Google-Chrome-Logos

It seems I’m always on my SSL soapbox and it feels like most people just are not listening. Every time I do a website audit or bring on a new SEO retainer client, one of the first things I check is the health of their SSL implementation. It’s one of my first steps, because about 95% of websites are doing it wrong.

Every time I talk to a client about the health of their SSL implementation, they question if it really matters. My standard replies include:

  1. Google has been preaching the need for secure websites for years. It is important to Google, which means it should be important to you and your digital marketing efforts.
  2. SSL health is part of Google’s algorithm, which means it will influence your keyword rank and overall website traffic from search.

As of this month, I can add a third item to the list:

  1. In December 2019, the Chrome browser will begin blocking content on website pages that include a mix of SSL and non-SSL content. This can quickly make these web pages appear broken and make it much more difficult for the rendering of all your content within the page.

This means websites that have a mix of resources in HTTPS and HTTP will produce a warning message to potential website visitors. This begins with the introduction of Chrome 79, but it is just the start of what is to come. The original role out will offer an unlocking option, but in January of 2020 Google will remove the unblocking option.

Read Google’s official announcement titled “No More Mixed Messages about HTTPS” ->

You may think you have no issues and that your content is safe and secure, but I encourage you to take a closer look. If you crawl your website fully, you’ll be surprised at what lies beneath. Scripts, styles, links, and images can all cause issues without you even knowing they are present.

Google’s Definition of Mixed Content

Mixed content occurs when initial HTML is loaded over a secure HTTPS connection, but other resources (such as images, videos, stylesheets, scripts) are loaded over an insecure HTTP connection. This is called mixed content because both HTTP and HTTPS content are being loaded to display the same page, and the initial request was secure over HTTPS. Modern browsers display warnings about this type of content to indicate to the user that this page contains insecure resources.

There two types of mixed content are: 

Passive mixed content refers to content that doesn’t interact with the rest of the page, and thus a man-in-the-middle attack is restricted to what they can do if they intercept or change that content. Passive mixed content includes images, video, and audio content, along with other resources that cannot interact with the rest of the page.

Active mixed content interacts with the page as a whole and allows an attacker to do almost anything with the page. Active mixed content includes scripts, stylesheets, iframes, flash resources, and other code that the browser can download and execute.

Learn more about mixed content and managing it via Google’s Web Fundamentals for developers.

Ways to Locate Mixed Content

There are multiple routes you can take to find mixed content. The best route will depend on factors such as your time, your coding ability, and the size of your website. A small five page website could be manually reviewed fairly quickly, but a one hundred page website would take an extensive effort and much more time than most people have to allocate. If your website is large and thousands of URLs, you are looking at a massive undertaking.

Here are some ways you can locate your mixed content issues:

  • Request a website audit from a trusted SEO professional.
  • Manually review the source code of your website page by page.
  • Use Screaming Frog to crawl the website. This is a paid tool, but relatively low cost as it only has an annual fee.
  • Use SEMrush to crawl the website. This is a much more expensive tool, but for SEO consultants like me, it is a must-have tool.
  • Use JitBit SSL Checker, which is a free online scanner that will scan up to 400 pages of your site.
  • Use SSL Insecure Content Fixer WordPress Plugin to scan your site and alert you to insecure resources and help you fix them.

Once your mixed content issues are found, you need to fix the offenders quickly. A far warning is you may need help resolving these issues. While I can fix some myself, I do require the assistance of my developers at times.

Clean Up Your Website Now

Don’t wait until December to review your website. Get ahead of this important change by auditing your website and fixing all those technical SEO issues that creep in. Technical SEO is a core part of today’s SEO and you cannot have high rank and search traffic without a healthy website.

If you’d like professional help auditing or cleaning up your website, we’d love to help. I’ve been doing professional website audits since 2011 and my team has been working with websites since 2009. We’d love to help you clean up your website and boost your SEO.

Tags: Google, WordPress

Like this article?

Sign up and receive weekly updates via email. Don't worry, we value your privacy and we hate spam just as much as you do.

  • This field is for validation purposes and should be left unchanged.

Rebecca Gill's avatar

Rebecca Gill

Rebecca is the founder and president of Web Savvy Marketing, a Michigan digital marketing agency. She has a well-rounded business background within SMB and enterprise organizations, as well as over fifteen years of experience in sales and online marketing. She provides SEO consulting services for clients, SEO coaching on Clarity.fm, teaches SEO at diySEOcourses.com, and has a weekly podcast at SEObits.fm. Learn more at RebeccaGill.com.

Comments

  1. 10.08.19 at 3:29 pmCarol Amato says

    Thank you for so clearly explaining that. I downloaded that plugin to help. I’m getting a WordPress site ready, but I don’t have Google indexing it yet, so this is perfect timing to learn about this.

    Unrelated question: Is there a reason you don’t have a search function on your site? Pros and cons?

    Thank you!

    • 10.08.19 at 7:30 pmRebecca Gill says

      I’m glad the article was helpful Carol!

      The sidebar of this article actually has a search option on the bottom. Since it is not overly intuitive, I’ve moved it to the top. Thanks for the heads up on that issue.

  2. 10.09.19 at 3:59 amAngelina says

    Hey Rebecca,
    Amazing Article !! I have now understood the thing that why the message like ” You are not fully secure” is shown. Due to mixed content, such a website URL shows this message.

    Thanks for sharing.

    • 10.10.19 at 8:01 amRebecca Gill says

      My pleasure! I’m glad it was helpful.

  3. 10.09.19 at 5:43 pmLoretta says

    I’m wondering if it will cause any issues with ad network blocks on pages.

    • 10.10.19 at 8:02 amRebecca Gill says

      I’m not sure Loretta. I’d use one of the above tools to crawl the site and validate it. It is always better to be safe than sorry in these types of situations.

  4. 10.14.19 at 5:02 pmJoe Emmet says

    Excellent article Ms. Rebecca.

    Thanks for helping all of us do our jobs correctly!

    I’m going to have to spend more time surfing. . .this could turn out to be a great ice breaker for introducing my services and helping business owners get this issue corrected.

  5. 01.24.20 at 10:06 amLoma Nelson says

    So does Chrome mixed content errors only apply if an actual SSL in installed? Hence “mixed” content. I’m aware of and have talked to a number of past clients about getting their websites on SSL, but in typical fashion, they just are not getting out of the starting gate. I incorrectly presumed that with all this mixed content hype I’d start getting support calls in January to help with them with these error messages. Hmm. . .

  6. 02.12.20 at 2:19 amEmma Marie says

    Hi Rebecca,

    Thanks for the update. Even SSL will not be purely locked unless all the media and contents of the website are redirecting to the https version perfectly. I have faced this issue already. One of my images was fetched from the old http version then I found the image URL from the console delete the old version and upload it again. Now my SSL is purely locked(Green).

Request a Website Audit

Did you try a DIY website audit checklist, only to find you missed the important items that would truly influence your SEO, traffic, and revenue? What you really need is a professional website audit to keep your website and SEO healthy.Request Your Audit

Browse the Blog by Category

  • Branding (8)
  • Community Involvement (37)
  • Content Marketing (11)
  • Internet Marketing (60)
  • Search Engine Optimization (93)
  • Social Media (24)
  • Website Development (59)
  • WordPress (92)

The Beginner’s Guide to Search Engine Optimization

Learn what SEO is and why it matters to your website or blog. Download the free eBook and start your SEO journey.Download the eBook

Let's Create Something Together

We'd love to help you create something amazing.
Reach out to us and tell us about your vision.Say Hello

Full-Service Digital Marketing Agency

TwitterYoutubeFacebookLinkedinGoogle +

About Us

  • Our Digital Marketing Agency
  • Industries We Serve
  • Client Testimonials
  • Community Events
  • Charitable Contributions

Design and SEO Services

  • Logo Design
  • Website Design
  • Custom WordPress Themes
  • PSD to Genesis
  • SEO Consulting

WordPress Services

  • WordPress Customizations
  • Support and Maintenance
  • WordPress Upgrades
  • WordPress Migrations
  • WordPress Training
Made With Love in Michigan | Copyright © 2009 - 2022 Web Savvy Marketing | All Rights Reserved
  • Privacy Policy
  • Affiliate Disclosure
  • Sitemap