Fix mixed content warnings when migrating from HTTP to HTTPS

I apologize for the long title.

Recently, I enabled HTTPS support on my site. When you visit my site, you should receive the satisfying green lock icon in your browser.

20150724_001

This migration set all links going forward to use HTTPS, but did nothing for older links. As such, I was left with the dreaded yellow lock icon.

20150724_002

Inspecting the error, I found the warning was due to mixed content (e.g., images, iframes, etc…) that was served over HTTP.

20150724_003

Upon examining the source code of a few pages, I found that images were hard-coded with HTTP when they were uploaded.

<meta property="og:image" content="http://loganmarchione.com/wp-content/uploads/2014/03/20140311_001.png" />
<meta property="og:image" content="http://loganmarchione.com/wp-content/uploads/2014/03/20140311_002.png" />
<meta property="og:image" content="http://loganmarchione.com/wp-content/uploads/2014/03/20140311_003.png" />

I have too many posts to go back and edit each one manually. Lucky for me, the folks over at Interconnect IT have a a great script for doing a search/replace on an entire WordPress database. Better yet, their Github page is pretty active.

Download the script to your WordPress root directory and unzip it.

sudo wget https://github.com/interconnectit/Search-Replace-DB/archive/master.zip
sudo unzip master.zip
sudo rm master.zip

Then, in your browser, navigate to http://www.yoursitehere.com/Search-Replace-DB-master, and you’ll be greeted by the interface.

20150724_006

The script will pull your database info from your wp-config.php file, so you don’t need to worry about digging up the username/password information. In the two boxes at the top, enter your search/replace strings. Again, I was trying to replace http://loganmarchione.com with https://loganmarchione.com.

20150724_007

I chose to execute the script on all tables and to use the dry-run option first. As you can see, no changes were made on the dry-run, and I received a well-organized report of what changes were to be made.

20150724_008

Before the live-run, be sure to backup your database. These are SQL commands and there is no undo option going forward!

mysqldump --opt -u username -p databasename > /path/to/file.sql

After doing the live-run, which only took a few seconds, the same pages with images are now served securely. In theory, this should also help load times ever-so-slightly, since Nginx won’t have to do a 301 redirect on each image to the HTTPS address.

20150724_009

After you’re finished, be sure to delete the tool, or you’ll leave yourself exposed to database updates by complete strangers. 😉

sudo rm Search-Replace-DB-master/

 

Logan

4 thoughts on “Fix mixed content warnings when migrating from HTTP to HTTPS

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.