Depending on how your browser in configured, you may see the message above when you attempt to access a custom page in your CRM system. This is caused by a change in the security level of the pages in the system. If you are using HTTPS for your system and have (for example) an IFRAME that is using HTTP, you will see this message everytime you attempt to access the page.

We can simply click 'No' on this message to display the custom page, but having to click this button everytime a custom page opens grows tiresome very quickly. Luckily for us, there is a simple browser setting change that we can apply to prevent these messages from appearing.

Go to Tools –> Internet Options –> Security Tab. Here select the proper zone under which your custom pages or the "HTTP" pages came. In my case, this was the Internet zone. When you have the proper zone selected, click the 'Custom Level' button.


Now go to Miscellaneous –> Display Mixed Contect and select "Enable" option as shown in the below screen shot.


Viola! No more prompts for your custom pages!

  • Ruther

    Thanks for the help…

  • Jon Peterson

    Thanks very much for these instructions. Right on-point; easy to follow and accurate. Jon

  • Kim

    THANK YOU — Just what I was looking for….

  • Bob

    I have done this, but I still get the same security warning. Any advice?

  • Cynthia

    Changing this setting doesn’t get rid of the security warning pop-up – other ideas?

  • Sam the man


    make sure have selected the ‘interent’ zone

  • RG

    THANK YOU!!! That has been driving me crazy!!! Why did I wait so long to google an answer? I kept thinking I would figure it out, but nothing worked. Thank you, thank you, thank you!!

  • rsbrux

    Why does this have to be enabled for the whole internet? I only want to permit my trusted sites to deliver mixed content, but setting this option only in the trusted zone doesn’t work. I still get the prompt from trusted sites. What is the use of MS’s “zones” if they don’t respect them? What good is a warning like this if it can’t be eliminated selectively?

    • AdamV

      Not sure if you can fix this by adding the site that the insecure content is coming from to your trusted sites too (I think if you only have your CRM site in there it won’t work, or it may just be that it fails if they are not in the same domain).
      Of course, a much better and more secure solution would be to ensure that any custom pages used are also delivered securely using SSL, then you never have the problem.

  • Cheryll Anderl

    Thanks for good info :)

Return to Top ▲Return to Top ▲