This plugin hasn’t been tested with the latest 3 major releases of WordPress. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

Download

HTTPS Mixed Content Detector

By Zack Tollman

Description

When deploying a TLS enabled website, you must ensure that all content loaded on the site is loaded from secure origin.
If your content is loaded from an insecure source, the security of your whole site is compromised and modern browsers
will downgrade your website’s security rating.

The HTTPS Mixed Content Detector plugin attempts to identify sources of mixed content warnings. The plugin will examine
content loaded from the site when admins are viewing the site. Any content that violates the policy of loading content
that originates from “https:” resources will trigger an error and that resource will be logged. Viewing the log will
allow you to examine the site for any warnings and remove them before they cause problems for your website.

Screenshots

  • Content Security Policy reports are collected in the Content Security Policy Reports list table.
  • Information about Content Security Policy reports is available via WP CLI.

Installation

This section describes how to install the plugin and get it working.

  1. Upload https-mixed-content-detector to the /wp-content/plugins/ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress
  3. Browse your site as an admin
  4. View the reports listed in the “Content Security Policy Reports” page in the admin
  5. Delete each violation report log as you fix it
  6. Rinse and repeat until your site is free of violation reports

Reviews

Immediately solved my problem

October 7, 2020
This plugin immediately detected that the header image was causing trouble, while other SSL fixing plugins couldn't fix the problem

Works

December 6, 2016
It works as advertised. Unfortunately, I do not know how fix the error since the location is unknown.
Read all 6 reviews

Contributors & Developers

“HTTPS Mixed Content Detector” is open source software. The following people have contributed to this plugin.

Contributors

Translate “HTTPS Mixed Content Detector” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.2.0

  • Add check for violation locations
  • Add sampling mode for examining non-logged in traffic
  • Add more content shown in the WP list table

1.1.0

  • Add check for HTTPS domain when logging violation
  • Add list, resolve, remove and unresolve WP CLI commands
  • Update CSP directives to be more specific

1.0.2

  • Remove false positives from the log

1.0.1

  • Limit logging to work only for admins

1.0.0

  • Initial release

Meta

  • Version: 1.2.0
  • Last updated: 7 years ago
  • Active installations: 100+
  • WordPress Version: 4.0.1 or higher
  • Tested up to: trunk
  • Tags:
  • Advanced View

Ratings

See all
Log in to submit a review.

Contributors

Support

Got something to say? Need help?

View support forum