Mixed content is one of the lesser-known threats to the security of your website. In this article, we show you how you can find and fix it.
Mixed content is when your website is loading over a secure HTTPS connection but you are also using resources from an unsecured source (like images or videos over an HTTP connection). You are mixing up HTTPS and HTTP, hence the name: mixed content. Mixed content undermines the security provided by the HTTPS certificate and will mark your website as unsafe in browsers.
The mixed content monitor is not enabled by default, so you have to switch it on.
Once you have enabled the test, Semonto will start scanning the website for mixed content. This may take a while, so no need to keep this page open. You will receive a mail with the results if any mixed content was detected.
If Semonto found mixed content, you receive a notification by mail. It looks something like this:
The overview will mention the location of the mixed content (starting with https) and the non-secure source it is pulled from (starting with http). The mail will show you a selection.
The number of URLs that Semonto can check for you is linked to your subscription. If you have exceeded the number of allowed URLs, a message will appear on your dashboard. You can then easily upgrade your account to a subscription that better fits your needs.
Yes, you receive a detailed overview of all the mixed content we have found on your website. You can download the list in an Excel, CSV or JSON format to share the results with your team members.
When mixed content monitoring is enabled, Semonto automatically checks your website for mixed content several times a week.
Right now, you cannot request a quicker retest in between scheduled tests, but this is something that we are working on. We will inform you as soon as this becomes available.
Read more about mixed content on our feature page. Do not hesitate to reach out if you need any help getting started. We are more than happy to assist you.