Bidagent link unsecured causing SSL to fail

Question

So I got an ssl certificate for my site and it shows secure on every page but my main home page. It is a word press site and when I run a Why No Padlock report it comes up with the following...

A file with an insecure url of "http://bidagent.xad.com/conv/143926?ts=%pord=!?" was loaded on line: 1 of https://******.com/. Errors that are reported on line 1 are generally not part of the source code. This error may be caused by an external javascript file which is writing to the page, however we are unable to reliably detect these scripts in our automated test. Please contact us using the "Need Help?" link below if you need assistance with resolving this error.

I have searched every file on my site for bidagent and it is not found, but when I view source on the main page there it is in an tag at the bottom of the home page. Any ideas how to get rid of this nuisance?

Answer 1

I found a similar issue on a site of mine. Tracing it back it allegedly comes from gtm.js - which makes it look like it's from Google. I ended up removing the code we had for google tag manager, getting a fresh copy and then replacing the removed code. Problem gone.

Answer 2

The script is not coming from WP, it has to be a plugin or theme.

1. did you try disabling all plugins and theme, check if problem script is gone, then re-activate all plugins one by one?

2. The url can come from the database, did you also search the DB?

3. The domain http://bidagent.xad.com doesn't look good, if a plugin is not causing this, 'other people' may have (had) access to your site.

4. Note: Malicious scripts are almost always scrambled, so you will never find something with a file search.

Regards, Bjorn