Are you or your students seeing a security warning when visiting your Thinkific site? If so, the most likely reason is that there's some insecure content on the page. Below we'll cover what that means, how to recognize this issue, and how to fix it!
What's Insecure Content?
Insecure content is any file linked to from a web page via an HTTP link rather than an HTTPS link. (The 'S' signifies that the link is secure).
If there's any insecure content on a page, it means that the whole page can only be available at an HTTP link. If anyone tries to visit that page via HTTPS, they'll see a scary security message from their browser.
Here's what the error message looks like for most common browsers:
Needless to say, you don't want prospective or current customers seeing this message! Here's how to fix it:
Fixing Insecure Content
Step 1. Temporarily Deactivate SSL
The first thing you should do is go to the Settings SSL page to deactivate SSL for your site:
Having SSL enabled for your site is a great idea (we cover why in this article). But having this setting enabled does mean that all URLs for your site will redirect to HTTPS. To avoid your users seeing a security message whilst you're fixing this issue, switch off SSL. Your site will be available at HTTP links again for the meantime.
Step 2. Find the insecure content
Now you need to find out what's causing the browser security warning to show. The most common cause are files, hosted on other web pages, linked to via a "non-secure" HTTP link. This "mixed content" (the mix of HTTP and HTTPS URLs) causes browsers to flag the page as insecure.
To find out specifically which content is being flagged as insecure, visit whynopadlock.com.
Paste in the HTTPS URL for the offending page(s) on your Thinkific site in the field shown below and hit Check:
Why No Padlock will then give you a report on the page, highlighting any insecure elements on the page:
Step 3. Fix the insecure links!
Now that you've found which file(s) are causing your page to be insecure, it's time to make them secure. You do this by using an HTTPS URL to link to the file rather than an HTTP URL.
The best way to handle this is to upload the file directly to Thinkific rather than "hot-linking" to it. (Hot-linking means to link from a web page to a file already hosted on another website). Uploading the file to Thinkific ensures that it will be available via a secure link.
For example, say the problem is with an image linked to from a text editor on Thinkific (e.g. the Course Description). You can use the Insert Image button to add it instead:
For Developers: If the issue is with a file that you've linked to when customizing your site, upload that file as an asset.
Step 4. Test your fix and reactivate SSL
Now that you've made all your content secure, visit the same page via an HTTPS URL. You should be able to access it without seeing any browser security warnings!
Now head back to the Settings page to reactivate SSL for your site:
Still having issues? Our customer support team will be happy to help. You can go here to get in touch with the team directly.