Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

How can I detect mixed content on my site

  • 6 replies
  • 1 has this problem
  • 37 views
  • Last reply by tomiterbeke

tomiterbeke
tomiterbeke
more options

Hello Firefox

Something is driving us mental :-( ... our drupal-website https://tweetakt.be keeps giving warnings as containing 'mixed content' on Firefox. We have screened it over and over. Is there any way to be able to detect where it goes wrong? We're getting desperate...

Thank you so much!

Tom

Hello Firefox Something is driving us mental :-( ... our drupal-website https://tweetakt.be keeps giving warnings as containing 'mixed content' on Firefox. We have screened it over and over. Is there any way to be able to detect where it goes wrong? We're getting desperate... Thank you so much! Tom

Chosen solution

I do not even get that far my Firefox 48 blocks the secure version of https://tweetakt.be/ Sorry I am not a web developer but untill or unless someone else comments maybe some of this will help Please see also

I need to set an a exception before I can even see your site. If you are not handling money and confidential information do you have a none secure version of the site by the way.

I get an error message under the advanced option saying 

tweetakt.be uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. Error code: SEC_ERROR_UNKNOWN_ISSUER

And 

CN = Intermediate Certificate DV SSL CA - G2
OU = Domain Validated SSL
O = Intermediate Certificate
C = NL

You may also be interested in this test report on your site and the documentation that ssllabs provides

This help article is aimed at the end user trying to view sites

As for the lesser problem of mixed content please see

Read this answer in context 👍 1

All Replies (6)

Happy112
Happy112
more options

Hi   Tom,

Starting in Firefox 23, if a secure page includes certain types of insecure content, Firefox blocks the insecure content and a shield icon will appear in the address bar. See this article for more information about the new mixed content blocker: Mixed content blocking in Firefox

To temporarily allow the mixed content to be displayed:

  • Click the shield icon Mixed Content Shield in the address bar and choose Disable Protection on This Page from the dropdown menu.
    Fx23MixedContentBlocker

To allow insecure content to be displayed in all secure pages, enter about:config in the address bar and double-click on this preference, to toggle it from true to false:

security.mixed_content.block_active_content

You can also use this add-on instead, to toggle the preference:

You may want to do this only for the current session, then reset the preference back to "true" and check back with the site to see whether it's been fixed, since this is a global setting that exposes you on all sites, not just the one you care about.

Let us know if this helps!

John99
John99
more options

Chosen Solution

I do not even get that far my Firefox 48 blocks the secure version of https://tweetakt.be/ Sorry I am not a web developer but untill or unless someone else comments maybe some of this will help Please see also

I need to set an a exception before I can even see your site. If you are not handling money and confidential information do you have a none secure version of the site by the way.

I get an error message under the advanced option saying 

tweetakt.be uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. Error code: SEC_ERROR_UNKNOWN_ISSUER

And 

CN = Intermediate Certificate DV SSL CA - G2
OU = Domain Validated SSL
O = Intermediate Certificate
C = NL

You may also be interested in this test report on your site and the documentation that ssllabs provides

This help article is aimed at the end user trying to view sites

As for the lesser problem of mixed content please see

Modified by John99

philipp
philipp
  • Moderator
more options

the more important thing to fix would be the missing intermediate certificate as john99 already described.

the mixed content on your site seems to be http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700 - you should change that address to load through https instead...

Happy112
Happy112
more options

Hi   Tom,

This screenshot may shine a light on it all   (I'm assuming that you're Dutch,   like me    ?)

John99
John99
more options

That help article is available in Dutch. You may even have seen it already in Dutch as a redirect from my link

Also I attach a screenshot of how I can not see your site, and how it appears with the web console showing the mixed content error. The thumbnail images expand if clicked. The other help article has Dutch text available, but again English (en-US) screenshots /nl/kb/certificaat-beveiligde-website#w_pro...

tomiterbeke
tomiterbeke Question owner
more options

Thank you all for the advice - I understand what the problem is. Next step: fixing it :-)