Understanding Warning: Contains Unauthenticated Content

I am having the same problems in trying to understand what this means and how to rid myself of it.  I am using Firefox also.

From what I gather, does the Accepted Solution mean that the cause of this warning is merely junk on the webpage I am looking at that causes the warning?

Is the webpage really and truly secure except for the commercial junk?  I ask because the webpage I want is an Order Form where I will have to send my sensitive information over in order to order a product I want.  I must know if the webpage is secure or not.

Thank you.
Who is Participating?
Ray PaseurConnect With a Mentor Commented:
which "insecure" items -- that would be any item that did not originate from HTTPS.
a threat or compromise -- just because a we site uses HTTPS does not mean it is safe to give them your credit card.  It's best to know your vendors very well.  All that HTTPS does for you is reduce (to nearly zero) the likelihood that someone will be able to get your card numbers with a packet sniffer.  If, for example, you use your credit card at a public computer, the browser will remember the settings.  No amount of HTTPS can protect you from the next person who comes up to that computer.

As far as the unimportant junk on the page goes, I doubt if there is an easy way to use such a thing to get information that you don't put into the page.  In other words, better safe than sorry.  You can use "view source" to look and see where your form is being submitted to.  A little caution is always wise.

To the important question, "can I neutralize that threat" the answer is No, full stop.  Do business with those you trust and leave the others alone.

Best regards, ~Ray

That's usually what it means (ads or other linked in content from unencrypted sources).  I'm not sure if there's a way to test whether the form you are filling out belongs to the encrypted or unencrypted parts of the page.  I'd recommend contacting the website with this question, if it appears to be at all untrustworthy.

Maverick2010Author Commented:
I did contact them via email and await a reply.  

I find IE and Firefox both show this site to have secure and insecure material and my reading suggests insecure material is a way for someone to get access to secure material.  Is this so?  I am afraid to give my info to them until I can get a secure order form page.

There is a Forum page that suggests a fix to this problem by downloading and installing "Admin SSL Secure" plugin (http://wordpress.org/extend/plugins/admin-ssl-secure-admin/).  I don't know what that is or how to install it.  Is it truly a fix?

Thanks and I await any replies.
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

Maverick2010Author Commented:
Their reply did not address the problem but  rather instead told me how to place an order.  Sounds like they were dodging the issue or else did not know about such things as secure websites.

I still await any replies about the downloading and installing "Admin SSL Secure" plugin (http://wordpress.org/extend/plugins/admin-ssl-secure-admin/).  

Can anyone say anything about that?  Thanks.
Care to share the link so we can see what you are referring to?
Ray PaseurCommented:
Please post the URL of the page that triggers the warning.

Among other things, the warning can be triggered by having an HTML tag in a secure page that contains a URL that does not refer to a secure page.  Examples include an <img> tag that explicitly references an image stored on HTTP instead of HTTPS, or a favicon that is not on a secure server.  Mostly this is a benign warning, but I think that you, in a Presbyterian "abundance of caution," should probably not use the page to enter personal information.  Instead you might want to place your order over the phone or find a different vendor.
Maverick2010Author Commented:
OK, thanks guys.  Sorry for the delay in getting back to you.

The link where I got that Admin SSL plugin is:  (http://wordpress.org/extend/plugins/admin-ssl-secure-admin/).  wher it says Download Version 1.4.1.

I haven't tried it but once but I didn't see where it went or that it installed or what it really did.  Is it  a viable fix?

I agree and was thinking the same thing in the back of my mind about those warnings being benign insofar as they represent unimportant  junk on the webpage.  It's just that somewhere I came across a paragraph that said that those insecure junk items can be used as a backdoor to getting into the secure information I enter in (my credit card number for instance) and robbing me of my number.

Could that be true?

I did end up finding a different vendor in this case that had a secure order form page.  But my entire question is about wanting to know if there is a way to "secure" such web order forms for my peace of mind.  Is there anything I can do from my end to secure an order form site before entering my information?  
Or perhaps I should ask:  Is there a way to determine which "insecure" items on a webpage might pose a threat or compromise of my sensitive information and can I neutralize that threat before submitting my credit card info?

Thanks once again.

Maverick2010Author Commented:
Thanks Ray.  Good advice.  I like to "shop around" simply because I don't have but a few trusted sites and they don't always have everything I need.  So I am building my clientele.

Mostly I sort of believe in the law of averages-if that's the way to put it......in that it's like winning the lottery.  What are your chances?  Practically zero.  I feel that as long as you go with reputable or HTTPS websites, you probably will have no trouble and you would have to really shop alot before finally becoming unlucky and hitting a bad order form page that steals your information.  In other words, it's unlikely anything bad will happen.

Am I totally wrong in that belief?

I was just hoping that I could take added measures to make that eventuality even more unlikely.

I right clicked on this page and saw the View Source you mentioned and selected it.......I'm afraid I don't even know how to start to read that!  How do I begin to read such information?  Where do you look on it to find the specific info about where my form would be submitted to?

Ray PaseurCommented:
I think you would need to know HTMLm which is the language of web sites - a semester at a Junior college would teach you all you needed to know about that.

Also, I think you're on firm ground in comparing identity theft to Publisher's Clearing House.  Neither one is very likely.  The problem is that if your CC is stolen, it's a lot less fun than winning the lottery.  If you give your credit card to a waiter in a restaurant you have an equivalent risk, and how often does that go bad?  Almost never.

I have one credit card that I use for all online transactions.  It makes it very easy for me to check the statement carefully.
Maverick2010Author Commented:
OK.  I will lay that part of my question to rest.  I guess there's not too much to worry about with credit cards.  I do have a system in place where I have an account that I devote to online purchases exclusively and I usually only put in funds to it at the time of purchase.  My bank helped me with that idea and setting it up.

I still hope someone can help with the Admin SSL plugin part of my question.
Maverick2010Author Commented:
If no one knows about this Admin SSL plugin, I am going to close out this question as only half solved.

Maverick2010Author Commented:
Thanks for the info given about part of my question.  The other part was never answered.  The answered part info was good advice.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.