Is Your Website Secure
Without HTTPS, your website is not strong enough to protect the communication and privacy between the website and the users browser.
Any information used on an HTTP connection is displayed in plain text, which could be accessed by any hacker whos able to break into the connection between your browser and the website.
And for Google, this is a huge problem.
As the most popular search engine worldwide, Google cares about providing a secure, optimized experience for its users.
Think about your own experience on Google. If you clicked on a link and got an error message would you trust the website?
Probably not.
Its the same for your customers.
They want a secure website experience. Google does too, which is why HTTPS sites are ranking higher on search engine result pages.
- Over 68% of Chrome traffic on both Android and Windows is protected.
- Over 78% of Chrome traffic on both Chrome OS and Mac is protected.
- 81 of the top 100 sites on the web use HTTPS by default.
Therefore, if your website is still not secure, it can have a negative impact on your leads, conversions, sales, and more.
Ready to switch to HTTPS?
Heres how.
Domain Not Secure What Do I Do
A secure domain hinges on one litte letter s. You probably dont even notice it as youre browsing the web, but up in your search bar in your internet browser, right next to the URL of the page youre on, you will see a little lock icon.
If you are on a secure website, the lock is locked, and the URL of the website will start with https.
If the website is unsecure, the lock is open, or some browsers show a red warning triangle with an exclamation point in it.
Some internet browsers might not let you navigate at all to sites that arent secure.
My Website Is Not Secure Securing Your Site With Https
Sam Wixted
Running a secure website is one of the most important elements to consider for your online presence. Whether youve had a website for a long time, or youve just created one, site security is extremely important especially for ecommerce sites. Not only that, but any site that requires or stores any kind of visitor information, including something as simple as login information, should provide security to site visitors. On this page, well answer your burning questions like what it means when your website isnt secure and how to make your website secure once and for all! And dont worry youre not alone! Hundreds of searchers per month ask Google why my website is not secure. Keep reading to learn more!
Recommended Reading: How Much Does It Cost To Purchase A Domain Name
How Do I Change My Website From Not Secure To Secure
How To Fix the Website Not Secure Message in Chrome
Install The Ssl Certificate To Secure Connection
Most people are intimidated by installing an SSL certificate and some time ago, they would have had good reason. Now, things are much simpler with plugins that do most of the heavy lifting.
It is, however, a long process. Follow our instructions on how to install an SSL certificate carefully. It includes everything you need to know about installing SSL certificates such as:
- Choosing an SSL certificate
- Installing a custom certificate
- Verifying the SSL certificate
If you have questions about types of certificates and how and where to buy them, the article covers it all.
After youre done with installing the certificate, come back to this article and complete the rest of the steps.
Important: Simply installing the certificate is not enough.
Also Check: How Much Do Domain Names Cost
How To Remove Not Secure Warning From My Website
It is actually pretty easy to remove Not Secure label from your website. You basically need to add a SSL certificate to your website and then also make some code changes to the website so that all the websites files are served from HTTPS. In addition to that, you also need to check your website completely to ensure everything is working fine.
To get SSL certificate, first of all check if your host already provides a free SSL certificate. If not, see if they allow Lets Encrypt Certificate, as those are completely free. If none of those are options, then either you need to buy a SSL certificate from your hosting company, or change host to someone who provides free SSL certificate.
If this sounds too complicated, or you would rather spend your time on managing your business, then it is best to hire a website management company, as that can do it for you. Specifically talking about us, the first thing we do when we start managing a website is remove Not Secure warning from it so that it does not scare away your new customers.
Update Google Search Console And Analytics
Now that youre done with installing the SSL certificate and making sure that you serve the HTTPS version of your WordPress site, its time to let Google know about it. If you dont make this change, Google Search Console will keep collecting data from the HTTP version which will keep getting lesser and lesser traffic from now on.
So, head over to Google Search Console and add a new property for the HTTPS version.
Then re-submit your sitemap files, with the updated HTTPS versions.
If your site has any link disavow files on Search Console, head over to the and click on your HTTP version. Download the file and upload it to the new profile.
Then delete the old profile permanently.
Once this is done, head over to Google Analytics and update your Google Analytics property and view. If your Analytics is connected to your Search Console, then all youll have to do is click on Property Settings> > Default URL> > click on the dropdown and select https://.
Do the same thing for the view. Click on View Settings> > Websites URL > > click on the dropdown and select https://.
Thats the only thing you need to do to fix the WordPress site not secure warning.
Don’t Miss: How Much Does It Cost To Buy A Domain Name
Why Is My Website Displaying A Not Secure Warning
Any website that is not protected by a SSL certificate uses the HTTP protocol instead of the secure HTTPS protocol and so will show a not secure warning when viewed in Google Chrome version 68 and later. Chrome 68 was launched by Google on 24.07.18. Other modern browers may display a similar message.
But what does this mean for your website and how can you make sure the not secure warning isnt displayed?
Is It Safe To Use A Website That Says Not Secure
The short answer is no. Especially if the site in question is an eCommerce site that handles your financial information. Sites without an SSL certificate are more likely to get hacked and this has serious consequences. Simply visiting an unsecured site can automatically download malware to your PCs without you even realizing it.
Also Check: Cost Of Buying A Domain
Why Is My Website Not Secure On Google
Its here the announcement weve all been waiting for.
Google, the search engine giant, is officially marking ALL websites who dont use HTTPS for their website domain as not secure.
In 2017, announced this update was coming. While the October update initially affected some websites, the latest Chrome update will have a much larger impact on the world wide web.
Beginning July 2018 with the release of Chrome 68, Google will mark ALL websites who use HTTP as not secure.
This HTTPS update and will impose challenges for business owners, but implementing a proactive strategy right away will ensure your website remains SEO friendly on Google.
Why Do I Need A Secure Website
Security is not an option. Running an HTTP website without an SSL certificate will negatively affect you in many ways.
For starters, websites that are not secure can cause loss of trust, which in turn will affect your bottom line.
The average web browser is very security conscious. If a visitor does not feel safe on your site, you can not convince them to buy your products and provide their personal information.
Certain features are also restricted to HTTPS websites.
Take Googles Accelerated Mobile Pages , for example.
This publishing format creates a basic version of your pages, making it faster to load for a mobile browser. And if you want to use this technology, your website must use HTTPS.
What is more, many browser features also wont work with HTTP. Some examples include push notifications, geolocation, web Bluetooth, and web payments.
Its not just restricted to the security of your sites, other negative effects of using non-secure websites include:
- Poor SEO Ranking. announced that HTTPS is one of the ranking factors for SERP. This policy is Googles effort to make the Internet secure for its users.
- Low web traffic. With no chance to rank on SERP, HTTP websites wont get much traffic.
- Invisible websites. In some cases, browsers, like Google Chrome, even stop users from visiting your site if it does not use HTTPS.
- Higher bounce rates. Most users will leave a website when they see a Not secure warning, resulting in a higher bounce rate.
Don’t Miss: Shopify Transfer Domain Name
How To Fix Https And Ssl Issues In Your WordPress Website
In order to protect their users, Google has steadily taken measures to encourage website owners to prioritise security with best practices. A Site Not Secure notice on a website is one of those measures. It indicates that the website does not have SSL installed.
Obviously as a website owner, we want to do the best for our visitors, and hence want the best WordPress security measures for our sites.
So, if youre seeing the WordPress site not secure notice on your site, this article will help you fix things, and make your site secure for your visitors and their data.
TL DR: Install an SSL certificate, redirect your site to https, change all internal links to secure links, and update the Google Search Console to fix the WordPress site not secure issue. Backup your entire site before you make any changes.
Why Is This Happening
A Not Secure warning informs you that the browser is detecting an unencrypted connection to the website. There can be a variety of causes for this warning, but the common culprits include:
- The site is not using HTTPS
- The site does not have a valid SSL certificate
- The site is using a self-signed or other untrusted certificate authority.
Don’t Miss: How Much Does It Cost To Host A Domain Name
Why Is My Website Being Marked As Not Secure
This is pretty simple. If youre viewing your website in Chrome browser, and the site is being marked as not secure, it is because Google is informing your visitors that your site is being distributed via HTTP .Basically, this is the basis for all data transfer on the web however, it lacks the encrypted security benefits of whats called, HTTPS .HTTPS is reserved for sites that have an SSL certificate installed.This is a standard level of encryption that ensures all data transferred between the server and browser remains encrypted.This has been something Google has become increasingly passionate about and has been pushing for all websites to add SSL certificates to their site.Recently, Google began marking non-HTTPS sites as Not secure in an effort to get all websites to install an SSL certificate.This browser notification alerts visitors that their data may not be totally secure which may cause some visitors to leave their sessions early.This should be enough of an incentive for publishers to add an SSL to their site, but heres a few more
How Do I Solve The Not Secure Warning
No shortcut will help you avoid this warning. The only way out is to face the issue head-on by getting an SSL certificate. WordPress has been on the frontline urging its users to migrate to HTTPS. Pages with forms for users to fill in information should be given priority. Consider migrating your entire site from HTTP to HTTPS to make it future proof against the impending Red Flag warning that will affect all non-HTTPS websites.
Depending on your needs, you can pick your preferred level of SSL certificate. The 3 levels are:
Organization Validation Domain validation Extended Validation
Many WordPress hosts use Domain level validation via Lets Encrypt. The other two validations may require you to purchase paid SSL certificates. SSL certificates used to be pretty expensive a few years ago. The introduction and adoption of free options led to a significant drop in their prices. Additional features that come with paid SSL certificates include receiving a security seal and a greater warranty. WordPress website owners running e-commerce websites should highly consider investing in paid SSL certificates. If you purchase a certificate, take note of the expiry date and renew it in time. Failure to do so will result in a red flag that will affect your websites credibility.
Read Also: How Much Does It Cost To Host A Domain Name
Is Your Domain Newly Hosted
Then the SSL certificate has probably not been activated yet. From the moment a domain is registered or transferred to One.com, it can take up to 24 hours for SSL to work. Please try again tomorrow.
Is it still not working after 24 hours? Then maybe something went wrong with the activation of your certificate. Please contact our support so we can check it for you and manually activate the certificate if needed.
Why Does My Website Say Its Not Secure
Any modern browser will display the Not secure warning in the address bar when your website is using HTTP instead of HTTPS.
The Hypertext Transfer Protocol is the language of the internet. It transfers data about websites between servers to computers in plain text format.
However, basic HTTP has a security flaw. All information, including your passwords and credit card numbers, can be easily stolen as it transfers between sites, as its visible for anyone.
Hypertext Transfer Protocol Secure , on the other hand, is a more secure version of HTTP. It uses a secure SSL certificate to encrypt all data before it gets transferred.
Unlike the previous type, HTTPS websites will display a Connection is secure notification to the readers, ensuring that all activities cannot be snooped on.
Major browsers like Google Chrome and Firefox will give a warning to users if they try to visit a non-HTTPS website. SSL sites protect them from possible online threats, like identity theft and spear phishing.
Also Check: Transfer Domain From Squarespace To Shopify