Flexible SSL & WordPress: Fixing “Mixed Content” Errors
As many are aware, CloudFlare launched Universal SSL several months ago. We saw lots of customers sign up and start using these new, free SSL certificates. For many customers that didn’t already have an SSL certificate, they were able to use “Flexible SSL”.
Flexible SSL creates a secure (HTTPS) connection between the website visitor and CloudFlare and then an in-secure (HTTP) connection between CloudFlare and the origin server. For any site using absolute links to assets (i.e. javascript, css, and image files), this can lead to a “Mixed Content” error.
Mixed Content = Mixed Protocol
What is “Mixed Content”? This can be understood as mixed protocol. When the webpage is loaded over SSL (HTTPS protocol), most browsers expect all of the assets to be loaded over the same protocol. Some browsers will display an error about loading “insecure content” while others will just block the insecure content outright.
This error only applies to pages loaded over SSL, since the browser is working to make sure that secure pages only load equally secure assets.
Wordpress Plugin Updates
The latest version of the CloudFlare plugin for Wordpress works to resolve a lot of these errors by altering the protocol within the Continue reading