If you are using https pages or some of the pages (payment pages etc) in your website, keep the following in your mind. In some browsers especially IE shows warning of non-secured content in secured page. This cause user the feeling that the website is not secured.

  1. Use relative url always. Relative URL means those without starting with http:// or https://, instead use relative url.
  2. If you need to use full url, use dynamic base name in with your programming language.For example in PHP, define BASEURL = and use this variable in every links and forms. Change the BASEURL value between http and https depending upon the protocol ($SERVER[‘HTTPHOST’])
  3. Check inside javascript function whether it is calling any non-secured url. (For example, sometime you may use full url inside Javascript). Check using if condition to decide, which protocol to use, like what Google Analytic does.
    eg: (“https:” == document.location.protocol) ? “https://ssl.” : “http://www.”);
  4. Check if there is any flash content which tries to load data from non-secured url. There is a chance to load some xml configuration files using http protocol
  5. Also change the codebase parameter value in object tag (flash or other media) whether it is pointing http or https url. There is a chance for this url in flash content.
    codebase=” /cabs/flash/,0,115,0″
    Change this url to https://downoad…

  6. If you are using facebook connect or such integration, check the javascript initialisation code.
    FB.init(“78bc8ffb87c41eabb6395a2045c76021″, “/xdreceiver.htm“);
    Inside the xd
    receiver.htm file, the cross platform callback will be non secured url (http)
    Change this to xdreciverssl.htm and use new code, which is available in Facebook documentation

Tools like Fiddler can be used to check which url is non-secured. Firebug cannot show all non-secure connections. If the above steps do not solve your problem, try disabling javascript files one by one to point out which call is making the problem. Also try this by disabling Flash objects one by one.

Good luck guys