Really Simple SSL

How to fix blocked resources that were not found in any file or post

If you have Really Simple SSL Pro installed, you might get the warning that your site contains references to an external resource that cannot load over SSL.

For example, if a page contains this HTML:

<img src=”http://www.not-your-domain.com/image.jpg”>

And that domain does not have an SSL certificate, this image won’t load on SSL.

In this particular warning, the link was found on your website but the scan couldn’t locate it’s source in your website files or database posts. This URL has been found in the scan of the entire database and might be used in a specific plugin table. If the scan recognized the plugin, you already know where to look: the settings of that particular plugin. If the plugin was not recognized, you might need to find out which plugin uses that table. If you need any help with this, feel free to contact us.

To fix this you should:

  • Lookup the plugin that is mentioned
  • Check the settings for the URL that is mentioned.
  • Change the URL to your own domain, and to https

 

Rogier

Rogier

Related articles

33 Responses

  1. Hi Rogier, I am getting the “Database tables with blocked resources” with the following info:

    File: http://wp.me/p6Oka3-8M
    Location: wp_wzre_options

    Can you please help fix this? Would appreciate the guidance here.

    Thank you in advance!
    Anil

    1. Hi Lynn,

      the mixed content fixer is triggered by the .js, thinking it might be a javascript file, while it could very well be the start of a real URL in a post. Since the mixed content fixer stops after detecting .js this is considered a false positive and you can safely press the ignore button.

      Mark

    1. Hi Edward,

      as long as the image does not cause any mixed content on your website it’s safe to ignore this. I don’t expect this to cause any issues, to be safe you can site me your site address and I’ll have a look.

      Mark

    1. Hi Chris,

      it looks like the script isn’t being used on your site anymore, it won’t cause any mixed content so you can safely ignore this. To fully remove it you can search for the line in the wp_posts table of your database and remove it.

      Mark

  2. Hi Rogier,

    I’m getting

    Database tables with blocked resources

    File:
    //dist/divider.bundle.css
    Location: wp_postmeta

    I’m using WP on Azure. I’ve connected to the files via FTP and can’t find either the above mentioned css file or location. Would appreciate some help.

    Thanks

    John

    1. Hi John,

      What is the domain? The plugin seems to have found a css file which it can’t load over https, but it might be a false positive, as it’s a bit of an unusual file name. If you send me the domain I can check it manually.

      1. Thanks Rogier

        Here are some further details that may be relevant along with the domain

        https://clicksited.azurewebsites.net/ – Azure address

        CNAME – clicksited.com is an alias of target.clickfunnels.com (I beleive your plugin is picking up the SSL cert provided by ClickFunnels, I don’t beleive I purchased a separate one for other sub domains and I don’t kow if this is a wild card, might be something to do with it)

        CNAME www is an alias of clicksited.azurewebsites.net

        1. I think the plugin tracks it as an issue because it’s a relative URL. But I tested it, and it can load fine over https. So you can ignore this file.

          1. Thanks Rogier. I bought a certificate for http://www.clicksited.com. When I go to add it to Azure, I’m told I need to upgrade to a way more expensive plan. Can I get around this with your plugin somehow or do I have to pay? Thanks in advance!

          2. Hi John, no, as the plugin doesn’t supply certificates, I’m afraid you’ll have to upgrade.

    1. Hi Victor,

      have you tried enabling the ‘Switch mixed content fixer hook’ option in the plugin settings? That might make the mixed content fixer work. If that doesn’t work can you check if you use any of these plugins: https://really-simple-ssl.com/knowledge-base/known-plugin-compatibility-issues/? One of these might conflict with the mixed content fixer.

      If a result is appearing in the database after you removed it there might be a plugin active which writes this to the database. I don’t think it will cause any mixed content on your site so it’s safe to ignore it.

      Mark

  3. Hi Rogier,

    I have “Database tables with blocked resources”. Through the use of the plugin I have found out that my images are pointing to my internal IP (ex 192.168.1.1/my_image.jpg) and not my domain (ex. http://www.mydomain.com/my_image.jpg). Are there more instructions that can help me fix this issue? What is the best way to make my WP site point to images with my domain as the root?

    Torrel

    1. Hi Chris, the problem here is that this URL: http://dev.oursite.com/ is not resolved, so won’t give any response. As a result it will show up in the blocked list.

      Actually it will not cause any mixed content: it’s a broken image. The best would be to just delete the reference to this image.

    1. Hi Chris,
      Does the image load over https if you paste this url in a browser?
      You can also put in a support ticket with the actual domain, so I can check the actual site and image.

  4. I have image database tables blocked resources (please advise):

    File:
    http://mshome.augmentagency.com/wp-content/uploads/sites/17/2018/09/Martin-Svensson-Logo-Full-01.png
    In table: wp_17_posts In field(s): . Plugin: Default wp posts table

    File:
    http://mshome.augmentagency.com/wp-content/uploads/sites/17/2018/08/6907806-Waterfront-Espresso-Dresser-Silo.jpg
    In table: wp_17_posts In field(s): . Plugin: Default wp posts table

    File:
    http://mshome.augmentagency.com/wp-content/uploads/sites/17/2018/08/No-Tool-Icon-1.png
    In table: wp_17_posts In field(s): . Plugin: Default wp posts table

    File:
    http://mshome.augmentagency.com/wp-content/uploads/sites/17/2018/08/Delivery-Icon-1.png
    In table: wp_17_posts In field(s): . Plugin: Default wp posts table

    File:
    http://mshome.augmentagency.com/wp-content/uploads/sites/17/2018/08/Furniture-Icon.png
    In table: wp_17_posts In field(s): . Plugin: Default wp posts table

    1. Hi Rory,

      results in the database cannot be fixed automatically. These results can be fixed by performing a search and replace on the database, using a plugin like Better Search Replace (https://wordpress.org/plugins/better-search-replace/). You can use that plugin to search for http://mshome.augmentagency.com references in your database and replace them with https://mshome.augmentagency.com. We recommend to create a backup of your database before doing this.

      Mark

  5. When I run a mixed content scan, I receive a list of posts with blocked resources. I don’t recognise any of the links, so I’m not sure what their source is or how to remove them.

    This is an iFrame in the wp_postmeta database table
    http://sccjapan.com/appropriate-systems-for-your-producing-preferences/embed/#?secret=XIjIxDKg4G
    In wp_postmeta table: _oembed_565aee3a35ef0d45258b7368e1e23585 In post ID: 82

    This is an iFrame in the wp_postmeta database table
    http://accelitech.biz/most-of-the-composition-abstracts-on-authorities/embed/#?secret=GFHKcDD9XH
    In wp_postmeta table: _oembed_b5ce79fa7cce070f1246349cded600a1 In post ID: 82

    This is an iFrame in the wp_postmeta database table
    http://snowsugar.com/2018/07/author-released-october-15th-2010-as-soon-as/embed/#?secret=2YmI21gZbk
    In wp_postmeta table: _oembed_aef63e9595486049b43868a5354d87d2 In post ID: 82

    This is an iFrame in the wp_postmeta database table
    http://afarvn.com/academic-paper-writing-service/every-one-of-the-dissertation-abstracts-about/embed/#?secret=fe4LUAZ6cq
    In wp_postmeta table: _oembed_93126856858dd9dfdd9afcfedb540778 In post ID: 82

    This is an iFrame in the wp_postmeta database table
    http://eqvn.bho.vn/2018/03/04/essay-author-big-excellent-documents-all-by/embed/#?secret=4am2qQL8Wg
    In wp_postmeta table: _oembed_e19da05893c50fe710f56e0efbb6c0d3 In post ID: 82

    This is an iFrame in the wp_postmeta database table
    http://www.binus.tv/2018/07/04/can-certainly-testosterone-levels-find-the-term/embed/#?secret=FOuz7IRxEq
    In wp_postmeta table: _oembed_35923671ece21b46adfc2ffbbacd9784 In post ID: 82

    This is an iFrame in the wp_postmeta database table
    http://www.brcgestionecrediti.it/gao-15-331-national-fischer-security-management/embed/#?secret=cd7MZei7XR
    In wp_postmeta table: _oembed_3bd92f7e3f3f04d5ddd5b8fcbd434265 In post ID: 82

    This is an iFrame in the wp_postmeta database table
    http://aicree.com/elliot-is-currently-writing-what-we-simply-call-a/embed/#?secret=8OnjYqRtJV
    In wp_postmeta table: _oembed_948a12c52553dbeb9c70fcc5372b12a4 In post ID: 82

    This is an iFrame in the wp_postmeta database table
    http://quanambotat.net/kham-pha-bi-mat-khong/embed/#?secret=tzKYAwspez
    In wp_postmeta table: _oembed_b9d597191193cc1319902dc4616f573e In post ID: 82

    This is an iFrame in the wp_postmeta database table
    http://egoistka-club.ru/essay-positive-aspects-of-on-the-internet-lessons/embed#?secret=Ar48m5BXSt
    In wp_postmeta table: _oembed_ad1ea31f53fd584f608059c134c7c627 In post ID: 82

    1. Hi Nadia,

      these urls seem to be generated by a plugin/extension of some sort and generally aren’t used on the site itself. Therefore these results can be safely ignored by pressing the last button in the scan results.

Leave a Reply

Join our mailing list - 8 Tips & Tricks in your inbox over the next 8 weeks!

Integrate with Really Simple SSL

Really Simple SSL offers a Free SSL Certificate from Let’s Encrypt. Do you want to integrate with Really Simple SSL as a hosting provider? Let us know!

Choose the answer that most closely resembles your proposed integration. Additional information can be entered below.
After sending the form. The pop-up will close automatically.