This information is straight out of an excellent post on CSS-Tricks about moving to HTTPS on WordPress, but the information is so valuable that I felt it bears repeating.
Source attributes for images within WordPress are fully qualified HTTP URLs. In order to eliminate the explosion of mixed content warnings, after a site has been migrated to HTTPS, run the following SQL statements to convert references to http:// to the protocol relative //
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // image src in double quotes | |
| UPDATE `wp_posts` | |
| SET `post_content` = ( REPLACE (`post_content`, 'src="http://', 'src="//') ) | |
| WHERE INSTR(`post_content`, 'jpeg') > 0 | |
| OR INSTR(`post_content`, 'jpg') > 0 | |
| OR INSTR(`post_content`, 'gif') > 0 | |
| OR INSTR(`post_content`, 'png') > 0; | |
| // image src in single quotes | |
| UPDATE `wp_posts` | |
| SET `post_content` = ( REPLACE (`post_content`, "src='http://", "src='//") ) | |
| WHERE INSTR(`post_content`, 'jpeg') > 0 | |
| OR INSTR(`post_content`, 'jpg') > 0 | |
| OR INSTR(`post_content`, 'gif') > 0 | |
| OR INSTR(`post_content`, 'png') > 0; |