Mar 262017
 

I just switched my website to https for testing purpose. But changing the website’s URL to https:// is not sufficient to enable a fully secure browsing experience, as images in posts are still loaded from http://. Or more precisely, most modern browsers (FF or Opera for instance) are now clever enough to guess that the current website is on https:// so its contents should also be loaded with the same protocol, but there may be a possibility that other less advanced browsers are not doing this smart guess.

There are two possibilities:

  • install and activate a plugin such as the SSL Insecure Content Fixer. It will replace on the fly the protocols to https. The advantage is that your contents are not edited in the database. The drawback is that your website may be a little slower. (sorry I don’t have metrics)
  • the other method is to replace the src="http:// references in the post_content field from the wp_posts table by src="https:// by using SQL. For example, in phpMyAdmin:
    1. make a backup of the wp_posts table (or even better, your database)
    2. execute this query: