Today I noticed that SSL connection on this blog had errors due to “mixed content”, meaning HTTPS site was loading additional content that was served over insecure HTTP. After a little bit of digging in the console, I discovered that the issue was due to our Disqus comment plugin loading over HTTP.
I felt surprised learning that Disqus is serving HTTP content, and quickly googled, are there other webmasters complaining about this, and I found a few articles. What felt even more surprising was that this problem has been around since the end of 2016. See: Mixed Content Errors from Disqus on HTTPS Site
It turns out, Disqus is serving anonymous cookie over HTTP to improve the personalized content and advertising in Disqus comment section. Now, while it can help to improve advertising and personalized content in Disqus comments section, it can also make a harm for your site because of mixed content.
Luckily, there is a quite easy workaround, which involves disabling this anonymous cookie serving:
Disqus advanced settings
How to fix mixed content errors from Disqus on your HTTPS site:
- Login to your Disqus administrator account and go into your HTTPS site's settings.
- Select Advanced settings.
- Uncheck “Enable anonymous cookie targeting for your site's visitors”.
- Press Save.
Hope that helps!