Switching your website to HTTPS improves security, reassures your visitors and means you won’t be affected by those “not secure” warnings Chrome 56 will soon display on some HTTP pages.
Making the move isn’t always easy, unfortunately — there’s a lot to consider.
It’s not enough to deliver your main pages via HTTPS, for instance — your other content (scripts, CSS files etc) should also be protected. If it isn’t, your visitors may see warnings, or the content could be blocked, perhaps breaking your site.
HTTPS Checker is a service and desktop application which makes it easy to detect various mixed content issues.
The package is very easy to use. Type a domain, click “Run” and watch as the program detects and displays issues. (Beware, the free version scans up to 100 pages only.)
When the process is over, HTTPS Checker organizes any issues it’s found into various categories.
- SSL Certificate validation
- Active Mixed/ Insecure Content
- Passive Mixed/ Insecure Content
- Insecure Forms
- Insecure Redirects
- Insecure Canonical Links
- Insecure Links to the same domain
- Insecure Social Links
- Insecure Sitemaps
- Warnings. Examples include “You are not currently using the strict-transport-security header, which can leave you open to man-in-the-middle attacks with tools like SSLStrip” and “Though this site has HTTPS, the HTTP version does not actively redirect to the HTTPS version”.
You’re able to expand particular sections of the report to discover the affected URL(s).
HTTPS Checker is also available in various commercial forms. Paying from $9-$99 a month gets you support for scanning 10,000-250,000 pages in one session, detailed downloadable reports, a user agent switcher, more crawling options, an online tool, and more.
HTTPS Checker is available for Windows, Linux and Mac.