Welcome to the Treehouse Community
Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.
Looking to learn something new?
Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.Start your free trial
Jonathan GrieveTreehouse Moderator 91,252 Points
Removing SSL Mixed Content
I recently purchased SSL for this website, https://www.elimchurchbishopauckland.co.uk/
I've since been trying to flush out mixed content on the site, that is content still being served over HTTP:// rather than HTTPS://
If you go to the website there's still 1 error message on the site over this stylesheet.
<link rel='stylesheet' id='tws-source-css' href='http://fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C300italic&ver=1.0' type='text/css' media='' />
Mixed Content: The page at 'https://www.elimchurchbishopauckland.co.uk/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C300italic&ver=1.0'. This request has been blocked; the content must be served over HTTPS.
... in the console.
It's a WordPress site so the obvious answer is to look for the code directly in the templates and remove it.
I cannot find a reference to that line at all in the page. I'd rather eliminate all errrors from the console but the site still holds it's Secure tag. It's one Google font stylesheet? Is there any danger of attackers hacking the site through that?
Thanks Jacob but we figured out the issue, it was nested inside the theme in a odd location.