I've googled and googled for an answer to this and have found loads of answers - all saying pretty much the same thing. Remove any absolute references to images, scripts etc. I did that, but it's made no difference.

I searched the code for the string "http://" and made them relative (I've then changed some of the outbound links back to http to prevent searchbots finding a duplicate (https) version of our entire site) - but I don't think that's a problem, is it?

Please, could anyone take a look at the code, and see if they can find anything? The page is here: https://www.droverholidays.co.uk/bikehireform.php

Many, many thanks in advance!

I think it's your rotating image gallery. If that's removed, the error goes away. Move the "startGallery" script block after the "myGallery" div, then change this line...

window.onDomReady(startGallery);

to just

startGallery();

These are all the resources called when you load that page.

• https://www.droverholidays.co.uk/bikehireform.php
• https://www.droverholidays.co.uk/style.css
• https://www.droverholidays.co.uk/css/jd.gallery.css
• https://www.droverholidays.co.uk/scripts/mootools.js
• https://www.droverholidays.co.uk/scripts/jd.gallery.js
• https://www.droverholidays.co.uk/scripts/rollover.js
• https://www.droverholidays.co.uk/CalendarControl.css
• https://www.droverholidays.co.uk/CalendarControl.js
• https://www.droverholidays.co.uk/images/favicon.ico
• https://www.droverholidays.co.uk/images/phone.gif
• https://www.droverholidays.co.uk/images/email-icon.gif
• https://www.droverholidays.co.uk/images/wheel-icon.gif
• https://www.droverholidays.co.uk/images/foot-icon.gif
• https://www.droverholidays.co.uk/images/logo.jpg
• https://www.droverholidays.co.uk/images/beaconssmall_crop.jpg
• https://www.droverholidays.co.uk/images/feetsmall_crop.jpg
• https://www.droverholidays.co.uk/images/girlsonbikes_cropped.jpg
• https://www.droverholidays.co.uk/images/llangorse_crop.jpg
• https://www.droverholidays.co.uk/images/smallview_crop.jpg
• https://www.droverholidays.co.uk/images/tintern_crop.jpg
• https://smarticon.geotrust.com/si.js
• http://evssl-ocsp.geotrust.com/
• http://evsecure-ocsp.geotrust.com/
• https://www.droverholidays.co.uk/images/favicon.ico
• https://smarticon.geotrust.com/smarticon?ref=www.droverholidays.co.uk
• https://www.droverholidays.co.uk/css/img/loading-bar-black.gif
• https://www.droverholidays.co.uk/adultform.php?number=0
• https://www.droverholidays.co.uk/childform.php?number=0

So on line 328 change...

<!-- GeoTrust QuickSSL [tm] Smart  Icon tag. Do not edit. -->
<SCRIPT LANGUAGE="JavaScript"  TYPE="text/javascript"  
SRC="//smarticon.geotrust.com/si.js"></SCRIPT>
<!-- end  GeoTrust Smart Icon tag --> 

to...

<!-- GeoTrust QuickSSL [tm] Smart  Icon tag. Do not edit. -->
<SCRIPT LANGUAGE="JavaScript"  TYPE="text/javascript"  
SRC="https://smarticon.geotrust.com/si.js"></SCRIPT>
<!-- end  GeoTrust Smart Icon tag -->

On any page accessed with SSL, check that any Ajax requests are using SSL, or IE will complain. Also, if you have a Google Analytics on your page, change it from http://www.google-analytics.com/urchin.js to https://ssl.google-analytics.com/urchin.js.

There is a geotrust.com link on the page, is that https?
I also see a lot of http links to your .co.uk site itself.

Have you checked all the scripts and stylesheets you're using for external references? Maybe there's a background image referenced with http:// ?

I noticed a couple of things in the code. First, the geotrust.com script - does // at the start use the current protocol? I've never seen that before. Second, some AJAX - again, make sure this is calling https.

Try removing an element or two at a time and see if the problem goes away. Another thing you can do in scripts, is check for https ("paraphrased" from Google Analytics code):

var jsHost = ( (document.location.protocol == "https:") ? "https://" : "http://" );
document.write(unescape("%3Cscript src='" + jsHost + "YOURSITE.COM' type='text/javascript'%3E%3C/script%3E"));