Why does my site say "Not Secure"?


#1

In July of 2018 Google Chrome made changes to the way sites that are loaded over http are displayed in the URL bar of their browser. When visiting a site over http you’ll see this message:

26%20PM

and when clicked it provides some more information:

59%20PM

If your site is hosted on Reclaim Hosting you likely already have an SSL certificate, allowing you to load your domain over https. The first step to ensuring Google Chrome and other browsers do not label your site as insecure is to test this and make sure you don’t receive an error message when going to the https version of your domain. If you do get a message that there is no certificate for that domain, you can follow this guide to installing a free SSL certificate.

The next step is to make sure all assets on your site load over https, which allows your site to have a green padlock and for the “Not Secure” message to go away. For example if you open your site with https but you have an image embedded that is from an http URL, the page is still technically insecure. You can find out which assets on your site are causing this by testing your URL at https://www.whynopadlock.com/. If you run WordPress a quick fix may be to change your URL to https in Settings > General. Additionally a plugin like Really Simple SSL or SSL Insecure Content Fixer will convert all assets to https and make sure that the site loads securely.

The final step is to make sure all visitors that load your URL get the https version. We have a guide for setting up a redirect for this, see Force HTTPS for your site.

With those steps in place all visitors to your site will see a Secure message in the URL bar, just like the one above this guide.

38%20PM


Force HTTPS for your site
Embed Code Generation? Moodle and WP need a marriage!