How to Fix Not Secure Website Warning – Unsecured Website Fix

SecurityCategory
12 min read
Will Stevens

One minute your website’s fine. The next, it’s displaying a not secure warning. Maybe you discovered it by visiting your own website, or perhaps a concerned customer got in touch and pointed it out.

However you found about it, you’re undoubtedly asking yourself “why is my website displaying a not secure warning?”. The answer is: Any website that is not protected by a SSL certificate will show a not secure warning when viewed in Google Chrome version 68 and later. Chrome 68 was launched by Google on 24.07.18. online security isn’t something you should take lightly.

What does a not secure website mean?

A website that is not secure means that the connection between the website and your web browser is not encrypted. This means that any information you enter on the website, such as passwords, credit card numbers, or personal information, could potentially be intercepted by a third party.

You can usually tell if a website is secure by looking at the address bar in your web browser. If the website is secure, the address will typically start with "https" right before the domain name rather than "http." The "s" stands for secure.

How to tell if a website is Not Secure?

Most web browsers display a padlock icon next to the website address to indicate that the connection is secure.

If you see a not secure message on a website, it is generally a good idea to avoid entering any sensitive information on the website. Instead, you should look for a different, secure website to use.

Lookout for the HTTP & HTTPS.

HTTP means Not Secure Website

HTTP protocol (Hypertext Transfer Protocol) is a protocol for transmitting data over the internet. It is the foundation of data communication on the World Wide Web. When you visit a website using HTTP, the connection between your web browser and the website's server is not encrypted, which means that any information you enter on the website, such as passwords or credit card numbers, could potentially be intercepted by a third party.

HTTPS Means Secured Website

On the other hand, HTTPS (Hypertext Transfer Protocol Secure) is a secure version of HTTP. It uses an encryption protocol called SSL (Secure Sockets Layer) or TLS (Transport Layer Security) to secure the connection between the web browser and the website's server. This means that any information you enter on a website using an HTTPS version is encrypted and cannot be easily intercepted by a third party.

In general, it is a good idea to use HTTPS whenever you are entering sensitive information on a website, such as passwords or credit card numbers. Most modern websites use HTTPS to secure their connections, but it is always a good idea to double-check before entering sensitive information.

How to Remove Not Secure warning you’re your Website?

To fix the Google Chrome not secure warning you need to purchase and properly install a secure sockets layer (SSL certificate) to move to secure site status and go from http to https.

An SSL certificate means that any data that passes between your website and people visiting it is encrypted, so it can’t be accessed by a third party.

It increases your site’s security and helps you go from http sites (insecure sites) to https sites (secure sites).

This security certificate boosts customers’ and site visitors confidence in your site as they can be assured that their personal data isn’t being mistreated.

That’s probably all you really need to  know about SSL certificates at this stage, but if you want to know more you can read this guide.

You could also get yourself a WordPress security plugin as an extra layer of security too.

Install Secure Sockets Layer (SSL) Certificate

Once your SSL certificate is installed, the not secure warning will disappear. You’ll also notice that the prefix of your web address changes from http to https (the “s” stands for secure), and there’s a little padlock in the address bar indicating that you have a secure website.

GoDaddy website protected with an SSL certificate

But first, you’ll need to buy an SSL certificate. GoDaddy offers a range of SSL options, so you’ll be able to find one that’s right for you.

If you’re looking to protect a GoDaddy Website Builder or Online Store website, your SSL will be installed automatically. The same is true if you site is hosted on GoDaddy web hosting.

For those of you who don’t fall into these groups, checkout our SSL FAQs for more help on setting up your SSL.

You could always switch to GoDaddy’s Website builder to make things easier when adding an SSL)

There are a few reasons why you might want to make sure that your outgoing links are pointing to HTTPS:

  1. Security: If you are linking to a website that uses HTTPS, it is generally a good idea to use HTTPS for the link as well. This helps ensure that the connection between your website and the linked website is secure.
  2. Better user experience: If you are linking to a website that uses HTTPS and you use HTTP for the link, the user's web browser may display a warning that the connection is not secure. This can create a poor user experience and may discourage users from following the link.

To make sure that your outgoing links are pointing to HTTPS, you can simply update the link in your website's HTML code to use HTTPS instead of HTTP. For example, if the link currently looks like this:

<a href="http://www.example.com">Example website</a>

You can update it to look like this:

<a href="https://www.example.com">Example website</a>

It is also a good idea to double-check that the website you are linking to actually supports HTTPS. Some websites may not have an SSL certificate installed, which is required for HTTPS, and will not work if you try to use HTTPS for the link. In this case, you may need to use HTTP for the link instead.

(3) Add Redirects to Non HTTPS URLs

There are a few different ways you can add redirects to non-HTTPS URLs:

  1. Using a redirect plugin: If you are using a content management system like WordPress, you can use a redirect plugin to automatically redirect non-HTTPS URLs to HTTPS. This is a simple and easy way to implement redirects on your website.
  2. Modifying your .htaccess file: If your website is hosted on an Apache web server, you can add redirects to non-HTTPS URLs by modifying your .htaccess file. This requires some knowledge of server-side programming, but can be a useful option if you don't want to use a plugin.
  3. Using a server-side language: If your website is built using a server-side language like PHP or Ruby, you can use the language's built-in functions to redirect non-HTTPS URLs to HTTPS. This requires some programming knowledge, but can be a powerful and flexible option.

In general, it is a good idea to redirect non-HTTPS URLs to HTTPS to ensure that your website's connections are secure and to provide a better user experience for your visitors.

(4) Update your XML Sitemaps

Updating your XML sitemaps from a security perspective involves making sure that all the URLs in your sitemaps are using HTTPS rather than HTTP. This helps ensure that the connections between your website and its pages are secure.

There are a few reasons why you might want to update your XML sitemaps in this way:

  1. Security: As mentioned earlier, using HTTPS helps secure the connection between your website and its pages, which can help protect sensitive information like passwords and credit card numbers from being intercepted by third parties.
  2. Better user experience: If you are using HTTP for your sitemap URLs and a user's web browser displays a warning that the connection is not secure, it can create a poor user experience and may discourage users from visiting your website.

To update your XML sitemaps to use HTTPS, you will need to edit the sitemap file and replace all instances of "http://" with "https://". It is a good idea to double-check that all the URLs in your sitemap are actually accessible using HTTPS before updating the sitemap file.

Once you have updated your XML sitemap to use HTTPS, you should submit the updated sitemap to search engines like Google to ensure that they are aware of the changes. This is an important ranking factor because it will help them index your website correctly and improve your search engine rankings (SEO).

(5) Submit your Website in Google Search Console

To submit your website to Google Search Console, follow these steps:

  1. Go to https://search.google.com/search-console/ and sign in with your Google account.
  2. Click the "Add a Property" button.
  3. Enter the URL of your website and click "Continue."
  4. Choose the "Domain" option and click "Continue."
  5. Select the "HTML tag" option and copy the provided code.
  6. Open your website's HTML code and paste the code into the head section of your homepage.
  7. Save your changes and go back to the Google Search Console.
  8. Click "Verify" to complete the verification process.

It may take a few minutes for Google to verify your website. Once the verification is complete, you can use the Google Search Console to monitor your website's performance in search results, submit sitemaps, and identify any potential issues with your website.

Why is it Important to Secure your website?

Avoid the not secure warning and get a secure connection In practice, this means that if someone is inputting sensitive data such as payment information (credit card) or even just their name and address into an unprotected web page, then there’s a possibility this data could be accessed by someone else and misused. That’s why Google’s web browser has introduced the not secure warning – so people visiting a website know whether it’s safe to enter personal details. This also applies in other web browsers like Firefox, safari, duck duck go, internet explorer, and the rest. Your online security is not there to only protect you as a website owner against hackers. But also, to protect your customers/conversions from losing their sensitive data.

Note: ecommerce websites cannot accept payments online without an https connection which you can only acquire through an SSL certificate.

(1) Protect your Website Visitors

Businesses have a duty to inform their clients if they experience a cyber breach that involves the exposure of personal information. If you’ve ever been a customer whose data has been exposed after trusting a company to handle it properly because of any kind of website security threat, you realize how this can jeopardize business relationships.

(2) Protect your Online Assets

If you build a website or set up a computer and don’t take proactive steps to protect yourself, you might have wide-open and known vulnerabilities hackers can quickly exploit to gain access to your data.

Start by installing basic anti-virus and malware detection software from any major provider.

Spyware might come from clicking on a bad link in an email, the wrong file permissions on your website server, or an outdated app or program. Because there are so many potential sources of spyware, it is important to understand how to prevent it in addition to choosing a good spyware detector and spyware removal tool.

(3) Gives you a Competitive Advantage

Improving the online security of your website can give you a competitive advantage in a few different ways:

  1. Improved search rankings: Google and other search engines may give a ranking boost to websites that are secure and provide a good user experience. By implementing HTTPS and other security measures, you may be able to improve your search rankings and attract more visitors to your website.
  2. Reduced risk of cyber-attacks: By improving your online security, you can reduce the risk of cyber-attacks and protect your website and business from potential damage. This can help you avoid costly downtime and reputation damage, which can be especially important for small businesses.

Overall, investing in online security can help give you a competitive advantage by increasing trust, improving search rankings, and reducing the risk of cyber-attacks.

(4) Protect your Reputation

Increased trust: By taking steps to secure your website and protect your users' information, you can build trust with your customers and visitors. This can lead to increased conversions and sales, as users are more likely to do business with a website they trust.

(5) Prevent loss in Sales & Revenue

As we have mentioned earlier, you will get to rank better in search engines when you are secure, customers trust you, you are allowed to do business online. All of those factors help you prevent losses in sales.

If you don’t want Google’s not secure warning to appear on your website, then you need to install an SSL certificate as soon as you can. Doing so will also ensure visitors have a safe and secure experience on your website.

screenshot of ssl certificate page on GoDaddy.

Frequently asked questions (FAQ):

Here’s a few answers to your frequently asked questions:

How do I fix non secure HTTPS in Chrome?

To fix the Google Chrome not secure warning you need to purchase and properly install a secure sockets layer (SSL certificate).

How do I turn off not secure on safari?

As a website owner, you can turn off the "not secure" warning in Safari by implementing HTTPS on your website. This involves installing an SSL (Secure Sockets Layer) certificate on your website's server and configuring your website to use HTTPS.

To implement HTTPS on your website, you will need to follow these steps:

  1. Purchase an SSL certificate from a trusted certificate authority.
  2. Install the SSL certificate on your website's server.
  3. Update your website's code to use HTTPS for all URLs and resources.
  4. Test your website to make sure that everything is working properly with HTTPS.
  5. Update any external links or references to your website to use HTTPS.

Once you have implemented HTTPS on your website, the "not secure" warning should no longer appear in Safari or any other web browser. It is important to keep your SSL certificate up to date and renew it before it expires to ensure that your website remains secure.