Automatic HTTPS rewrites rewrite HTML source links from HTTP to HTTPS without requiring manual URL changes to resources in your HTML source.
If you currently connect to your site over HTTPS and the lock icon is not present in the URL or displays a warning icon, your site may contain references to HTTP assets. See our guide on troubleshooting mixed content for further details.
Enable Automatic HTTPS Rewrites via the SSL/TLS app to rewrite HTTP resources as HTTPS at Cloudflare without making any changes to the HTML source at your origin server.
The HTTP resources are checked to ensure they are accessible via HTTPS before a rewrite is applied. In cases where a resource is not available over HTTPS, Cloudflare cannot rewrite the URL.
If a third-party domain supports HTTPS and is not rewritten automatically, you can manually change those links to relative links or HTTPS links. Alternatively, you can ask the third-party domain owner to submit their site for inclusion in the HTTPS Everywhere rulesets, which accept pull requests on GitHub.