This section explains the causes and countermeasures for images not displaying, menus (animated child menus) not displaying, and layout collapsing due to style sheet loading failure after SSL conversion.


Why do images not display or layout collapse after SSL (HTTPS)?

Most of the reason for this is because an HTTPS page may be loading HTTP content in the same domain, and the browser may block the loading of content that is not unified to HTTPS.
(The situation where an HTTPS page has HTTP non-encrypted content loading within it is called a mixed content problem.)

In other words, when a page is accessed with HTTPS, if all the loading in the content is also loaded with HTTPS, the aforementioned images not being displayed, menus (child menu animations) not being displayed, style sheets not loading properly, etc. may be resolved.

Where is the mixed content?

The most common places where mixed content is found are in the writing of the theme and in the content recording section of the database.

If you are using an original theme, the loading URL for images and CSS may be written directly into the theme, and if this URL starts with HTTP, it may cause loading failure.

In this case, it is necessary to modify all the following URL writings in the theme to HTTPS.

<link rel="stylesheet" href="http://example.com/aaa.css">
<img src="http://example.com/aaa.jpg">

↓ …

<link rel="stylesheet" href="https://example.com/aaa.css">
<img src="https://example.com/aaa.jpg">

Or you can write the following URL so that it automatically becomes HTTP when loaded over HTTP and HTTPS when loaded over HTTPS.

<link rel="stylesheet" href="//example.com/aaa.css">
<img src="//example.com/aaa.jpg">

Modify the database URL

Rewriting HTTP content written to the database to HTTPS is a difficult manual process, as there may be thousands of them.

SSL Insecure Content Fixer

or other plug-ins will automatically rewrite the HTTP content to HTTPS after it is read from the database, eliminating the need to rewrite the database.

(It is dangerous to convert the database to HTTPS by issuing SQL statements.

If you rewrite all the HTTP contents in the database by issuing SQL statements at once, you may break the serialized data, and at worst, you may not be able to display the site.

Reference
Serialized data including the special data format a: s: recorded in the tables of the WordPress database

There is a well-known PHP script called Search Replace DB that rewrites the database data at once without destroying the serialized data.
This kind of script is used to rewrite HTTP to HTTPS in bulk.

Free WordPress:Malware Scan & Security Plugin [Malware and Virus Detection and Removal].

Related Posts:

  1. Vulnerability in tagDiv Composer plugin bundled with WordPress Newspaper theme allows database rewriting
    A vulnerability in tagDiv Composer, a plugin included with the WordPress Newspaper theme, has been discovered that allows the database to be rewritten....
  2. Change WordPress database prefix to prevent SQL injection
    You can reduce the chances of a successful SQL injection by changing the prefix of your WordPress database. We will explain how to do this....
  3. WordPress site defacement hacking for SEO purposes. what is SEO spam?
    The most common type of WordPress tampering these days is the hacking of WordPress sites for SEO purposes. We will explain this SEO spam....
  4. PHP programming to prevent SQL injection in WordPress
    Here is a small PHP programming trick to prevent SQL injection in WordPress....
  5. Case of tampering and embedding of ois.is/images/logo.png loading scripts in multiple WordPress files
    We will introduce an example of a type of malware in which an image file of ois.is is illegally embedded, which has been increasing greatly in recent years....
  6. 8 characteristics of sites that can be hacked by WordPress
    We would like to explain the most common characteristics of the sites we have repaired at WordPress Doctor that have suffered malware damage due to hacker infiltration. If you take the following security measures, you will be able to reduce hacker infiltration to a great extent....