Title: [Plugin: WordPress HTTPS (SSL)] pesky favicons causing insecure content
Last modified: August 20, 2016

---

# [Plugin: WordPress HTTPS (SSL)] pesky favicons causing insecure content

 *  Resolved [JonnoPrice](https://wordpress.org/support/users/jonnoprice/)
 * (@jonnoprice)
 * [13 years, 10 months ago](https://wordpress.org/support/topic/plugin-wordpress-https-ssl-pesky-favicons-causing-insecure-content/)
 * Hi Mike.. Firstly thanks for a great plugin.. and sorry if this has been answered
   elsewhere – I wasn’t able to find the solution myself.
 * I know your plugin works because everything was working fine a couple of days
   ago. I have forced SSL Admin/Login and also on a page to “Submit Content” and
   got the nice green https..
 * Then yesterday, after I had done a bunch of work with installing W3 cache, Cloudflare
   and a few other plugins I noticed that now I’m getting the dreaded Chrome “Insecure
   Content” warning when trying to login.
 * Seems it is fetching the favicon (twice for some reason) and this is being served
   over http… I’ve tried removing your plugin and then reinstalling and activating
   in the hope it will fix things like it did before but no go.
 * I’ve also purged all caches, on my machine, W3 and on Cloudflare..
 * Can you help a brother out?
 * [http://wordpress.org/extend/plugins/wordpress-https/](http://wordpress.org/extend/plugins/wordpress-https/)

Viewing 6 replies - 1 through 6 (of 6 total)

 *  Plugin Author [mvied](https://wordpress.org/support/users/mvied/)
 * (@mvied)
 * [13 years, 10 months ago](https://wordpress.org/support/topic/plugin-wordpress-https-ssl-pesky-favicons-causing-insecure-content/#post-2934839)
 * Post a link. I can probably tell you where it’s at.
 *  Thread Starter [JonnoPrice](https://wordpress.org/support/users/jonnoprice/)
 * (@jonnoprice)
 * [13 years, 10 months ago](https://wordpress.org/support/topic/plugin-wordpress-https-ssl-pesky-favicons-causing-insecure-content/#post-2934849)
 * Thanks Mike.
 * [http://globaltradecompliance.net](http://globaltradecompliance.net)
 * Note: the site is currently locked down (using Restricted Site Access plugin)
   whilst in development.
 * So you should be redirected to the login page which is what I want secure.
 * Let me know if you need access and I can create a temp account for you.. Or I
   can add you IP address to the whitelist.
 * cheers
    Jonathan
 *  Plugin Author [mvied](https://wordpress.org/support/users/mvied/)
 * (@mvied)
 * [13 years, 10 months ago](https://wordpress.org/support/topic/plugin-wordpress-https-ssl-pesky-favicons-causing-insecure-content/#post-2934853)
 * After the page loads, an `<object>` tag with the favicon in the `data` attribute
   is created at the end of the `body` tag. Since the tag does not appear in the
   source code, it’s safe to say that JavaScript is adding this in.
 * Try disabling plugins until it stops. It’s possible that it’s not one plugin,
   it could be a conflict with two plugins, or a plugin and your theme.
 *  Thread Starter [JonnoPrice](https://wordpress.org/support/users/jonnoprice/)
 * (@jonnoprice)
 * [13 years, 10 months ago](https://wordpress.org/support/topic/plugin-wordpress-https-ssl-pesky-favicons-causing-insecure-content/#post-2934855)
 * Thanks Mike… will start deactivating plugins and will report back here if I manage
   to figure out which one it is.
 *  Thread Starter [JonnoPrice](https://wordpress.org/support/users/jonnoprice/)
 * (@jonnoprice)
 * [13 years, 10 months ago](https://wordpress.org/support/topic/plugin-wordpress-https-ssl-pesky-favicons-causing-insecure-content/#post-2934867)
 * Hi Mike, I’ve not been able to find a plugin causing the problem..
 * Probably a n00b question but..
 * Just wondering – using the Google Chrome console – I find that the following 
   error is being logged..
 * The page at [https://globaltradecompliance.net/wp-login.php](https://globaltradecompliance.net/wp-login.php)
   displayed insecure content from [http://globaltradecompliance.net/favicon.ico](http://globaltradecompliance.net/favicon.ico).
   
   10[blocked] The page at [https://globaltradecompliance.net/wp-login.php](https://globaltradecompliance.net/wp-login.php)
   ran insecure content from [http://globaltradecompliance.net/favicon.ico](http://globaltradecompliance.net/favicon.ico).
 * Would it make any difference if I simply deleted the favicon? (not that I’ve 
   been able to find that damn file using FTP.)
 * sigh.
 *  Thread Starter [JonnoPrice](https://wordpress.org/support/users/jonnoprice/)
 * (@jonnoprice)
 * [13 years, 10 months ago](https://wordpress.org/support/topic/plugin-wordpress-https-ssl-pesky-favicons-causing-insecure-content/#post-2934876)
 * hey again.. problem solved – got there in the end.
 * Copied a new favicon.ico file to the root directory using FTP.
 * then placed the following line in between the <head> tags of the header.php file.
 * <LINK REL=”SHORTCUT ICON” HREF=”[https://my-site-name.com/favicon.ico”&gt](https://my-site-name.com/favicon.ico”&gt);
 *  No more unsecure elements 🙂

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘[Plugin: WordPress HTTPS (SSL)] pesky favicons causing insecure content’
is closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/wordpress-https_bec2c9.svg)
 * [WordPress HTTPS (SSL)](https://wordpress.org/plugins/wordpress-https/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wordpress-https/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wordpress-https/)
 * [Active Topics](https://wordpress.org/support/plugin/wordpress-https/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wordpress-https/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wordpress-https/reviews/)

## Tags

 * [insecure content](https://wordpress.org/support/topic-tag/insecure-content/)

 * 6 replies
 * 2 participants
 * Last reply from: [JonnoPrice](https://wordpress.org/support/users/jonnoprice/)
 * Last activity: [13 years, 10 months ago](https://wordpress.org/support/topic/plugin-wordpress-https-ssl-pesky-favicons-causing-insecure-content/#post-2934876)
 * Status: resolved