How to Fix a Not Secure Warning for my website


Browse by products and services

  • Applies to: All Services
    • Difficulty: Medium
    • Time Needed: 20-30
    • Tools Required: Website file access, SSL certificate

Overview

It can be concerning when you check your website, and suddenly see a warning that says that it's Not Secure. Rest assured, this warning does not mean that your computer or the site you are visiting is affected by malware. This article will explain why this occurs, and how it can be fixed.

security_warning-browser-01.png

Why is this happening?

A Not Secure warning informs you that the browser is detecting an unencrypted connection to the website. There can be a variety of causes for this warning, but the common culprits include:

  • The site is not using HTTPS
  • The site does not have a valid SSL certificate
  • The site is using a self-signed or other untrusted certificate authority.

How does a Not Secure warning affect me?

If this is occurring on a test environment or trusted internal page, such as your Plesk/cPanel/WHM login pages, then it's likely that your site is using a self-signed certificate and you can simply add a security exception to your browser to use the website as normal.

However, failure to use HTTPS with a valid SSL certificate on a production site means unwanted parties could potentially be monitoring your website activity and/or accessing personal information. Additionally, if visitors see a Not Secure warning, they may lose trust in your website, resulting in a loss of visitation and sales.

Obtain a SSL certificate

Before we're able to use HTTPS, we will first need to install an SSL to our website. At Media Temple, there are a variety of free and premium options available:

Free:

Premium:

Redirect to HTTPS

After installing your SSL, you will need to ensure your site redirects to HTTPS. There are a variety of methods that an HTTPS redirect can be performed:

Check your site

After you've installed the SSL Certificate and redirected your site to HTTPS, you can check your site to see if there's a padlock icon in the URL bar to indicate a secure connection. You may need to clear your browsers cache to see your changes.

secured-01.png

Resources