Why is my website displaying a not secure warning?

Products mentioned
The Not Secure warning explained

One minute your website’s fine. The next, it’s displaying a Not Secure warning. Maybe you discovered it by visiting your own website, or perhaps a concerned customer got in touch and pointed it out.

However you found about it, you’re undoubtedly asking yourself:

Why is my website displaying a Not Secure warning?

Any website that is not protected by an SSL certificate uses the HTTP protocol instead of the secure HTTPS protocol. When viewed in Google Chrome version 68 and later, it will show a Not Secure warning. Chrome 68 was launched by Google on 24.07.18. Other modern browers may display a similar message.

But what does this mean for your website and how can you make sure the Not Secure warning isn’t displayed?

What does Chrome’s Not Secure warning really mean?

If you are seeing the Not Secure warning, don’t panic. The presence of the warning itself doesn’t indicate that your website has been hacked or infected with a virus.

It simply means that you haven’t protected your website with an SSL certificate.

 

Without an SSL, it’s possible for a third party to read information transmitted between your website and anyone visiting it.

If your website handles sensitive information such as payment details or names and addresses, it’s vital you use an SSL certificate on your website.

Avoid the Not Secure warning

In practice, this means that if someone is inputting sensitive data such as payment information or even just their name and address into an unprotected website, then there’s a possibility this data could be accessed by someone else and misused.

That’s why Google has introduced the Not Secure warning – so people visiting a website know whether it’s safe to enter their personal details.

How can I fix the Not Secure warning?

To fix the Google Chrome Not Secure warning you need to purchase and properly install an SSL certificate. Alternately, if you have tech skills and can install it yourself, you could get a free SSL certificate through one of the free providers.

An SSL certificate means that any data that passes between your website and people visiting it is encrypted, so it can’t be accessed by an outsider.

That’s probably all you really need to know about SSL certificates at this stage, but if you want to know more you can read this guide.

Once your SSL certificate is installed, the Not Secure warning will disappear.Example of browser bar on an SSL protected site

You’ll also notice that the prefix of your web address changes from http to https (the “s” stands for secure), and there’s a little padlock in the address bar indicating that your site is secure.

But first, you’ll need to get an SSL certificate. GoDaddy offers a range of SSL options, so you’ll be able to find one that’s right for you.

Speak to the GoDaddy Guides any time day or night about setting up your SSL.

What else do I need to do to protect my website?

An SSL certificate encrypts the data being sent through your website, but it doesn’t protect your website against malware or DDoS attacks.

Hacking is a major issue for Australian businesses, as evidenced by the recent Optus attack that exposed the private data of millions of Australian telecoms subscribers.

If you want to protect your website against hackers, consider using a product like GoDaddy Website Security.

  • The standard package protects one site and includes a firewall to turn away suspicious traffic, an SSL certificate, malware scanning and annual site clean up.
  • The Advanced package adds DDoS protection, unlimited clean ups for your site and 25GB of secure backup.
  • GoDaddy’s Premium plan adds prioritized cleanup and repair and 200GB of backup.

Related: How to use Scamwatch to protect your business

Are there any other benefits to adding an SSL?

You may have heard that you can boost your search rankings by adding an SSL certificate. And although it’s true that Google has said https pages may get a small boost  in its search engine rankings, you shouldn’t expect it to send your site rocketing to first place.

Switching your website to https by installing an SSL certificate is no replacement for conducting good, solid SEO. You can learn more improving you SEO rankings in this guide.

Summing up

If you don’t want Google’s Not Secure warning to appear on your website, then you need to install an SSL certificate as soon as you can. Doing so will also ensure that data transmitted via your website is encrypted.

But don’t forget, you’ll need to go further to make sure your website is more fully protected against hackers.

Will Stevens
Will joined the GoDaddy EMEA team in 2017, following the acquisition of HEG. He covers all aspects of digital marketing, from SEO to email, for the GoDaddy UK blog. Previously, he has worked in online journalism and also conducted online marketing campaigns for a number of well-known brands.