Photos missing on phones? The http:// mixed-content problem explained
Mixed content is what happens when a secure https page still pulls some of its files — images, scripts, stylesheets — over insecure http. Browsers do not show an error; they just quietly refuse to load those files.
The result is surreal: the site looks fine on the old office PC where it was built, while phone visitors see grey boxes where the photos of your freshly renovated rooms should be.
Why it costs you customers
You paid for those photos and that design; blocked files mean some visitors never see them.
It usually appears after a site is switched to HTTPS without updating old file links — so it disproportionately hits exactly the owners who did the right thing and got a certificate.
Check it in 30 seconds
Open the site on a phone with fresh eyes: any images missing that you know exist?
Our free check counts resources still requested over http:// on your page.
How to fix it
Anywhere your page references http://yourdomain… or http://anything — in image sources, stylesheets, embeds — change it to https:// (or a relative path like /images/photo.jpg).
The Better Search Replace plugin swaps http://yourdomain for https://yourdomain across the whole database in one pass. Back up first; it takes minutes.
Ancient YouTube embeds, map widgets and font links are frequent offenders. Re-grab the embed code from the source — modern embeds are https by default.
One stubborn http:// logo is worth chasing: a single blocked file can also kill the padlock icon on some browsers, undoing the trust you bought with the certificate. The page is either all-secure or it isn't.