How to Change Image URLs from HTTP to HTTPS in WordPress

How to Change Image URLs from HTTP to HTTPS in WordPress

Recently, I changed this site to HTTPS / SSL, which is hosted on WordPress CMS. The transition of the site from HTTP to HTTPS was smooth, as did the redirection permanent to HTTPS was also successful. After a short time, the HTTP websites were redirecting themselves to their HTTPS equivalents and displayed the green padlock symbol. The only problem was that the majority of HTTPS pages displayed mixed warnings about content.

Because of these warnings, websites don’t display the Secure tag, also known as a padlock. They instead state that “Your connection to this site is not fully secure” or “This connection is not Private”.

The issue arises when pages’ resources point to HTTP URLs rather than HTTPS and are therefore categorized as insecure elements. The mixed content warning is typically caused by images that are added to pages that load using the HTTP URL. The issue isn’t related to the SSL configuration itself, but must be addressed in the process of moving to HTTPS.

I sifted through many sources to discover a clear method to change images to HTTP to HTTPS following SSL migration within WordPress. But, I could not find any guide to aid a novice to complete this task without difficulty. After a lot of brainstorming and reading through many documents, I finally worked out an easy way to fix the not secure error on HTTPS sites.

Guide to Update Images to HTTPS in WordPress

This guide will be short and straight to the essentials so that novices aren’t confused as I was.

We’ll use our ” Better Search Replace” plugin for WordPress which comes with the most advanced features of similar plugins. It is possible to complete this job without having to log into the phpMyAdmin system to execute any SQL queries that could cause problems for your website in the event of a problem.

Before you proceed, be aware that this tutorial is only applicable to WordPress customers who configured the redirection to 301 and who are using the HTTPS protocol for their website or blog. While this is a good solution in the majority of situations however, it is important to think about other aspects in the event that the issue persists.

1. Change WordPress Home and Site URL to HTTPS

Visit the WordPress Dashboard > Settings > General. Change the WordPress Address and the URL for your Site Address in HTTPS, instead of HTTP. (Refer image)

This lets WordPress its own redirection system. In addition, all hyperlinks within the WordPress application and on the website will be changed to their HTTPS equivalents. This means that all content on the website’s content is, and links to, encrypted content. To be certain you have the following rule to the .htaccess file.

RewriteEngine On

RewriteCond %HTTP:X-Forwarded-SSL !on

RewriteRule ^(. *)$ https://%HTTP_HOST%REQUEST_
URI [R=301,L]

This redirect makes sure that any HTTP requests to HTTPS.

2. Modify Media Assets (Images Internal links, Images) From HTTP to HTTPS

Moving to the next step. It is now time to change all of the previous HTTP URLs within your WordPress database using HTTPS. This involves updating all images file links as well as internal links manually added (in posts or pages) to HTTPS in order to avoid any insecure image warnings and to fix an error with mixed content. There isn’t any requirement to change external links that point to other websites to HTTPS.

Warning: Make sure to backup your database before you start.

Change HTTP to HTTPS by using the Beter Search Replace plugin

To continue to proceed, download to install the ” Better Search Replace” WordPress plugin and then activate it.

Then, head to the page for plugins in the section Tools. Within the “Search for” field enter the HTTP version of your site’s URL as well as your HTTPS variant within the “Replace with” field. In the table select, scroll down to select one of them. It is the ” wp_posts” table, which includes image URLs as well as URLs embedded in pages and posts. Uncheck”Run as dry run” and click the “Run as dry run?” option, and then click”Run Search or Replace.

The process will take a while to complete. Later, you can view information like the amount of changes that were made and the rows that have been updated for the specific table.

Note If you encounter an error while processing, open the Settings tab and reduce your “Max Page Size” value from 8000 to 10000.

That’s it! It’s that simple! HTTP version for your site’s embed URLs and image URLs must now be updated to HTTPS. HTTPS version.

To verify, go to a blog post and copy the image’s address within the post or browse the source of the page. The URLs for images should now display the HTTPS version, and you will be able to see a Secure padlock in an address bar.

Bonus Tips: After replacing HTTP with HTTPS successfully you are able to remove the extension.

Find out why the HTTPS site isn’t showing a padlock in green

Be aware that certain pages that have broken or inaccessible links , such as those with expired CDN could still produce mixed content. You can find unsafe elements on these pages using the Inspect Element feature within Chrome or simply using to easily identify insecure elements on SSL-enabled websites.

Reference: Read this comprehensive article written by Michael Bely.

Bert Hoxton

Bert Hoxton