Title: Stell Getting Insecure Errors
Last modified: August 21, 2016

---

# Stell Getting Insecure Errors

 *  Resolved [CoreyDubeau](https://wordpress.org/support/users/coreydubeau/)
 * (@coreydubeau)
 * [12 years, 6 months ago](https://wordpress.org/support/topic/stell-getting-insecure-errors/)
 * My site is on http, but my checkout page is https:
    [https://earthingcanada.ca/checkout/](https://earthingcanada.ca/checkout/)
 * I can’t seem to figure out what’s causing this message:
 * “Your connection to earthingcanada.ca is encrypted with 256-bit encryption. However,
   this page includes other resources which are not secure. These resources can 
   be viewed by others while in transit, and can be modified by an attacker to change
   the look of the page.
 * The connection uses TLS 1.0.
 * The connection is encrypted using AES_256_CBC, with SHA1 for message authentication
   and RSA as the key exchange mechanism.”
 * [http://wordpress.org/plugins/ssl-insecure-content-fixer/](http://wordpress.org/plugins/ssl-insecure-content-fixer/)

Viewing 1 replies (of 1 total)

 *  Plugin Author [webaware](https://wordpress.org/support/users/webaware/)
 * (@webaware)
 * [12 years, 6 months ago](https://wordpress.org/support/topic/stell-getting-insecure-errors/#post-4351900)
 * G’day Corey,
 * Your theme has a hard-coded reference to Google Fonts (probably in header.php),
   change it to load with a protocol-free URL:
 * `//fonts.googleapis.com/css?family=Rambla:400,700,400italic`
 * Next, [CodeArt – Google MP3 Player](http://wordpress.org/plugins/google-mp3-audio-player/)
   is loading jQuery UI directly along with its Smoothness theme. You’ll need to
   hack that plugin to fix it, then tell the plugin author. Change lines 260-261
   of index.php in that plugin to read:
 *     ```
       <link rel="stylesheet" href="//code.jquery.com/ui/1.10.2/themes/smoothness/jquery-ui.css" />
       <script src="//code.jquery.com/ui/1.10.2/jquery-ui.js"></script>
       ```
   
 * (Actually, that’s still a bad way to do it, the plugin author should be using
   [wp_enqueue_script()](http://codex.wordpress.org/Function_Reference/wp_enqueue_script)
   and [wp_enqueue_style()](http://codex.wordpress.org/Function_Reference/wp_enqueue_style)
   to load scripts and stylesheets, but this hack will get you out of trouble.)
 * You’re also loading your footer icons (footer-icons.gif) over HTTP. Can you change
   that in your theme’s settings?
 * cheers,
    Ross

Viewing 1 replies (of 1 total)

The topic ‘Stell Getting Insecure Errors’ is closed to new replies.

 * ![](https://ps.w.org/ssl-insecure-content-fixer/assets/icon-256x256.png?rev=2590634)
 * [SSL Insecure Content Fixer](https://wordpress.org/plugins/ssl-insecure-content-fixer/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/ssl-insecure-content-fixer/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/ssl-insecure-content-fixer/)
 * [Active Topics](https://wordpress.org/support/plugin/ssl-insecure-content-fixer/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/ssl-insecure-content-fixer/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/ssl-insecure-content-fixer/reviews/)

 * 1 reply
 * 2 participants
 * Last reply from: [webaware](https://wordpress.org/support/users/webaware/)
 * Last activity: [12 years, 6 months ago](https://wordpress.org/support/topic/stell-getting-insecure-errors/#post-4351900)
 * Status: resolved