Have you ever visited a website to receive a horrifying note that the site is “not secure”? A broken or red lock visible to any visitors. You may have clicked or closed the window to avoid potential problems.

Whether you’re planning a new site or already experiencing this issue and wondering why your site isn’t secure, you’re happy to know that there is a simple solution.

This article will help you find out what an insecure site warning means and why your site needs security, and how you can fix it.

What is HTTPS?

HTTPS is an abbreviation for “Hypertext Transfer Protocol Secure”. It is an internet protocol that allows information to flow securely between a server (website) and a client (the person who accesses the server). HTTPS sites offer Internet users many advantages over HTTP.

These include:

  • Authentication: Makes the desired website visible to users
  • Data encryption avoids unwanted detection and theft of information.
  • Data integrity: Prevents data from being modified during the transfer.

What does it mean that my site in “not secure”?

If your website is listed as “insecure”, it means that you do not have a renewed SSL certificate. It starts with HTTP instead of HTTPS, so it’s easy to recognise by the URL of your website.

A proper SSL certificate creates a secure connection directly with the server where the visitor is located.

So what would it look like if the site was “insecure”? Depending on the web browser you are using, when you try to access a website, you will see a message similar to the listed below:

  • The connection to this site is not secure.
  • Your connection is not private.
  • The connection is not secure.
  • The site security certificate is not trusted” (Android device)
  • Best practices when implementing HTTPS

Use a trusted security certificate

As part of enabling HTTPS on your site, you need to get a security certificate. The certificate is given by a Certificate Authority (CA). The certificate authority protects the website from a Man-in-the-middle attack by verifying that the web address belongs to the organisation. When configuring the certificate, choose a 2048-bit key to ensure a high level of security. If you already have a weaker key (1024-bit) certificate, upgrade to 2048-bit. Keep the following in mind when choosing a certificate for your site:

  • Obtain a certificate from a trusted CA that provides technical support.
  • Determine the type of certificate you need.
  • A single certificate of a single secure origin (www.example.com).
  • Multi-domain certificates from multiple known secure sources (e.g. www.example.com, example.co.us, example.com).
  • Wildcard certificate for a secure source with various dynamic subdomains (e.g. x.example.com y.example.com).

My website isn’t secure; how can I fix it?

Adopting HTTPS is not difficult at all, so review the five-step process to protect your website for your site visitors and customers.

Install the Secure Sockets Layer (SSL) certificate

To make your HTTP site secure, you need to install an SSL certificate on your website. Installing an SSL certificate involves several exchanges that provide site visitors with a secure version of the website.

  • The browser connects to the website and asks for the server’s ID.
  • The server responds by sending the SSL certificate to the browser.
  • The browser determines if the SSL certificate is trusted.
  • If the SSL certificate is trusted, send a message to the server.
  • The server responds with a digitally signed document that grants permission to start an encrypted session with a trusted SSL certificate.

Is your certificate expired?

In rare cases, you may have problems renewing your domain’s SSL certificate. If you notice that HTTPS suddenly stopped working, please contact support to fix it.

Make sure the internal and external links are using HTTPS

If you want your internal and external site links to continue to work effectively, change them all to HTTPS as well. It may sound boring, but it’s essential to make HTTPS useful to your website, not harm it. There are plugins for WordPress for example that do this automatically for you.

Check your website in Google Search Console.

After installing the SSL certificate and verifying that your site links use HTTPS, it’s a good idea to check both the HTTP and HTTPS versions of your site in Google Search Console.

You also need to ensure that the preferred domain is set to the HTTPS version. This ensures that your site visitors have a secure version of your website.

Make sure the HTTP URL is redirected.

If you mention your website on a third-party site that you manage, be sure to change that reference from HTTP to HTTPS. We also recommend that you create a 301 redirect on your website so that the HTTP URL refers to the HTTPS version.

Update XML sitemap

Next, we recommend updating your XML sitemap to reference the HTTPS version of your site’s pages. Sitemaps act as a roadmap for site visitors and Google and make it easy to navigate your website. To allow Google to re-crawl your website and index it with new links, we recommend that you submit your updated sitemap to Google Search Console.

Need help securing your website?

I often hear the question, “My website isn’t secure. How can I fix it?” This is a valid question for website owners and should be done if they are interested in retaining new and old visitors.

We’ve seen how to verify your SSL certificate and how to identify insecure resources on your HTTPS site. Hopefully, you can troubleshoot security issues on your site and bring your green lock back to its previous glory.

At the very least, Chrome’s “unsecured HTTPS” messages can be annoying. Unluckily, it can also cause you to lose customers quickly, fall into search rankings, and suffer from online attacks. Resolve the issue by purchasing an SSL certificate and installing it on your site. This builds trust between you and your visitors, attracts more traffic to your website and increases trust with your target audience. Feel free to contact us for help or advice.

Picture of Mark Preston

Mark Preston

Read Next
Tell the world

You may also like

Quick Quote

Request a Call Back or email


Want More SEO Traffic?

Answer 7 quick and easy questions and Moda will give you a FREE step-by-step guide to increase your website traffic.

What is your SEO experience level?

Do you know code or have a website developer to make changes to your website?

Do you have a blog?
If it's a yes, how many posts per month?

Do you run any Advertising or Paid Ads?

How much revenue do you generate per month?

You have completed the SEO Quiz!

To get your results and get a FREE step-by-step guide to increase your traffic just enter your details below.

We Use Cookies

We love cookies, we hope you love them too.

Thank you!

Your FREE step-by-step
guide is on its way.

share with the world

Thank you!

We'll be in Touch Shortly.

share with the world

Thank you!

We'll be in Touch Shortly.

share with the world

Thank you!

We'll be in Touch Shortly.

share with the world