Find and block unsafe content on your wordpress installation

For some reason, my WP installation decided to load some files via http instead of https To find out which file it is, I used the Javascript console It’s wp-emoji in this case, and I don’t use emojis on my site, so I decided to block it by adding this to my theme’s functions.php   remove_action( 'wp_head', 'print_emoji_detection_script', 7 ); remove_action( 'wp_print_styles', 'print_emoji_styles' );