Reply To: Web Security

#810
Alex
Keymaster
      Expired

      Hello Kolin,

      Thanks for contacting us.

      Loading files with http:// explicitly can cause the website to be defaced when loaded over HTTPS because the browser will display a security warning to the user indicating that the page contains insecure resources. This can lead to a poor user experience and may cause visitors to leave the website.

      To avoid this issue, all resources should be loaded using // instead of http://. This ensures that resources are loaded securely over HTTPS, while also allowing for automatic protocol conversion in case the page is served over HTTP.

      If some resources cannot be loaded using //, then they should be served over HTTPS instead of HTTP. This can be achieved by hosting the resources on a server that supports HTTPS or by using a content delivery network (CDN) that supports HTTPS.

      It’s important to ensure that all resources on the website are loaded securely to protect user data and provide a better user experience.

      Regards.