Title: WP Calls HTTPS images on HTTP page. Last modified: August 24, 2016 --- # WP Calls HTTPS images on HTTP page. * [Kevin de Bie](https://wordpress.org/support/users/alphabootis/) * (@alphabootis) * [11 years, 1 month ago](https://wordpress.org/support/topic/wp-calls-https-images-on-http-page/) * For some reason, WordPress started to refer to images using https instead of http recently. As there is no trusted certificate installed this breaks them. I am unable to pinpoint the exact moment this started. I have changed no configuration variables apart of keeping everything up to date. This is **only** true for new articles. * I personally see no way of fixing this, is this a new setting somewhere? Now I have to manually fix all the https links in the code by replacing them. This is not really a biggie for me, but I cannot explain this workaround to the person actually using this WordPress installation. * I do not use SSL for the normal visitor as there is no information exchanged worth encrypting. I do have employed a self signed certificate so as to have a measure of security in place for the administration panel. All the articles are therefore written while connected through SSL. Is this related? I always assumed WordPress called content based on what way the site is approached. (http or https respectively) Viewing 9 replies - 1 through 9 (of 9 total) * Moderator [James Huff](https://wordpress.org/support/users/macmanx/) * (@macmanx) * [11 years, 1 month ago](https://wordpress.org/support/topic/wp-calls-https-images-on-http-page/#post-6089323) * If you use HTTPS on the backend when uploading photos, WordPress will now insert them into posts sourced at `https://` rather than `http://` * This behavior was changed in [https://core.trac.wordpress.org/ticket/15928#comment:97](https://core.trac.wordpress.org/ticket/15928#comment:97) * Discussion to revert that has begun at [https://core.trac.wordpress.org/ticket/32112#comment:23](https://core.trac.wordpress.org/ticket/32112#comment:23) and I recommend adding your voice there if you’d like to, but for now a good quick fix is to switch to the Text editor tag and edit those images to be `src ="http://` instead. * [Martin Robbins](https://wordpress.org/support/users/santeven/) * (@santeven) * [11 years, 1 month ago](https://wordpress.org/support/topic/wp-calls-https-images-on-http-page/#post-6089327) * You might be able to fix all urls via a single wildcard directive within **.htaccess** * Moderator [James Huff](https://wordpress.org/support/users/macmanx/) * (@macmanx) * [11 years, 1 month ago](https://wordpress.org/support/topic/wp-calls-https-images-on-http-page/#post-6089329) * That is possible, but it would be a bit overkill for something that just began and might be reverted soon. * Much quicker/safer to just edit the posts and correct the source URLs. 🙂 * Thread Starter [Kevin de Bie](https://wordpress.org/support/users/alphabootis/) * (@alphabootis) * [11 years, 1 month ago](https://wordpress.org/support/topic/wp-calls-https-images-on-http-page/#post-6089370) * Thanks a lot for these quick and clear replies. I definately consider this behavior a bug or at best very unpleasant. I will consider employing some other means of patching this, possibly the suggested htaccess method. The person using this wordpress installation lacks the technical knowhow to understand what is going on here so I dont see how explaining the notepad/replace all solution will make the world a better place. 🙂 Good to know it is not my webserver somehow fiddling about and this is, in fact, by design. * Why are the links not relative to begin with? I dont feel this sort of thing should be hard-coded and instead should be interpreted by the vistor’s browser. I can see this beeing a headache with multiple domains for example. Also using SSL for the back-end I’m pretty sure is considered best practice, but buying a certificate just for that purpose is definately overkill. * Moderator [James Huff](https://wordpress.org/support/users/macmanx/) * (@macmanx) * [11 years, 1 month ago](https://wordpress.org/support/topic/wp-calls-https-images-on-http-page/#post-6089412) * > Why are the links not relative to begin with? I dont feel this sort of thing > should be hard-coded and instead should be interpreted by the vistor’s browser. * I recommend joining in the discussion at [https://core.trac.wordpress.org/ticket/32112#comment:23](https://core.trac.wordpress.org/ticket/32112#comment:23) * > Also using SSL for the back-end I’m pretty sure is considered best practice, > but buying a certificate just for that purpose is definately overkill. * No one is forcing you to use SSL in the backend, but with regards to buying a certificate, keep your eyes on [https://letsencrypt.org/](https://letsencrypt.org/) for some interesting developments. * Thread Starter [Kevin de Bie](https://wordpress.org/support/users/alphabootis/) * (@alphabootis) * [11 years, 1 month ago](https://wordpress.org/support/topic/wp-calls-https-images-on-http-page/#post-6089491) * > I recommend joining in the discussion at [https://core.trac.wordpress.org/ticket/32112#comment:23](https://core.trac.wordpress.org/ticket/32112#comment:23) * I have thanks. * > No one is forcing you to use SSL in the backend, but with regards to buying > a certificate, keep your eyes on [https://letsencrypt.org/](https://letsencrypt.org/) > for some interesting developments. * You consider not running SSL in the back-end an option? To me, anything that transmits any sort of private information, such as passwords, needs to be encrypted. If not it can be intercepted by anyone running something like wireshark somewhere in between you and your wordpress server. * Moderator [James Huff](https://wordpress.org/support/users/macmanx/) * (@macmanx) * [11 years, 1 month ago](https://wordpress.org/support/topic/wp-calls-https-images-on-http-page/#post-6089512) * > You consider not running SSL in the back-end an option? * Yes, because it is an option? ¯\_(ツ)_/¯ * I mean, if you consider that you have to, then you’re the one forcing yourself to do it. 🙂 * Thread Starter [Kevin de Bie](https://wordpress.org/support/users/alphabootis/) * (@alphabootis) * [11 years, 1 month ago](https://wordpress.org/support/topic/wp-calls-https-images-on-http-page/#post-6089514) * > Yes, because it is an option? ¯\_(ツ)_/¯ > I mean, if you consider that you have to, then you’re the one forcing yourself > to do it. 🙂 * Using SSL is just as logical as locking the door of your house when you leave. Not using SSL needlessly increases the potential of someone breaking into your wordpress instance. So yes, it is my choice, but I like to have everything properly locked, as should everybody else. * Moderator [James Huff](https://wordpress.org/support/users/macmanx/) * (@macmanx) * [11 years, 1 month ago](https://wordpress.org/support/topic/wp-calls-https-images-on-http-page/#post-6089518) * For what it’s worth, I agree with you. I’m just pointing out that it is optional because it is optional. 🙂 Viewing 9 replies - 1 through 9 (of 9 total) The topic ‘WP Calls HTTPS images on HTTP page.’ is closed to new replies. ## Tags * [Certificate](https://wordpress.org/support/topic-tag/certificate/) * [HTTP](https://wordpress.org/support/topic-tag/http/) * [HTTPS](https://wordpress.org/support/topic-tag/https/) * [images](https://wordpress.org/support/topic-tag/images/) * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 9 replies * 3 participants * Last reply from: [James Huff](https://wordpress.org/support/users/macmanx/) * Last activity: [11 years, 1 month ago](https://wordpress.org/support/topic/wp-calls-https-images-on-http-page/#post-6089518) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics