There are many ways to fix insecure content loading on your site, one is to go and change all elements loaded over http:// with https:// but if you are unable to as a plugin or more is preventing this you can always use the CSP header to upgrade insecure requests. For this we added this to the top of wp-config.php just after <?php, this will tell the browser to automatically upgrade all requests to HTTPS.
header("Upgrade-Insecure-Requests: 1");
header("Content-Security-Policy: upgrade-insecure-requests;");
header("Upgrade-Insecure-Requests: 1");
header("Content-Security-Policy: upgrade-insecure-requests;");
Published on: 20 / 05 / 2020