Thanks to Google everyone is now familiar with the secure site padlock in the browser address bar. It’s pretty easy to setup thanks to some great tools like Let’s Encrypt (that generates free SSL certificates) and (for WordPress) plugins Really Simple SSL. But it’s not always plain sailing! Sometimes, despite using these tools you get mixed content and SSL errors> There’s plenty of info online about how to find and fix these (again, using plugins) but this is how I was able to repair a site that had just one page layout that was showing as HTTPS in the address bar but still listed as Not Secure.
Finally! I’ve been trying to figure out why a client site, one with no SSL issues (until now) has been showing just one page of the blog as Not Secure. I Googled, backed up the site then tried changing the URL using Elementor Tools (using the http version of the address and changing it to https). Nothing found.
Then I went into the SQL database and ran query on the http version of the site. Nothing found. Hmmm…
Another check on the incredibly handy Why No Padlock site (which should have been my first port of call) and an old non-HTTPS URL, actually to a development copy that I hosted locally, was flagged up for one of the images used on the page.
Next step: check the source for the offending image file.
Next setback: no file with that name is listed in the source.
So back in the SQL database I ran a search on the path of the file and found that there were 107 instances of it in wp_postmeta and another 27 in wp_posts. It’s definitely there!
A quick URL find and replace later using this query and it’s all back to being padlocked and secured.
UPDATE wp_postmeta SET meta_value = replace(meta_value, 'OLD URL', 'NEW URL');
UPDATE wp_posts SET guid = replace(guid, 'OLD URL', 'NEW URL');
UPDATE wp_posts SET post_content = replace(post_content, 'OLD URL', 'NEW URL');
Done!