How to fix ‘Site Not Secure’ error on my WordPress Website

Have you ever opened a website and your browser has displayed a little notice in the corner? Perhaps it says something like ‘Site Not Secure’? Internet browsers like Google have taken new measures in recent years to help increase user safety. One of these features is alerting users when they open a site that is unsafe or containing potentially dangerous content.

If you own a website and see this error when you open it, you might be a little bit confused. “My website doesn’t contain any dangerous content”, you’ll say to yourself. Whilst the content on your website may pose no threat to those around you – there are other, important features of your website that you must monitor in order to remove this icon from your website. This article will take a look at the reasons why your website looks like this, and how you can prevent it.

Why your WordPress website has a ‘Site Not Secure’ warning

The answer is simple: Your website does not have an SSL certificate. If you have purchased an SSL certificate, yet are still seeing the warning ‘Site Not Secure’, I imagine you’d be a bit confused right now. The likely solution to this is that your website’s SSL certificate is not installed, or was not properly configured during the installation and setup.

If your website had an SSL certificate properly installed, you would see something like this:

Notice the padlock. This is now replacing the ‘Site Not Secure’ sign. Furthermore, you should be able to notice that your URL has slightly changed too. Your URL will have previously read http://yourwebsitename.com. Now it reads https://yourwebsitename.com. This change may seem small, maybe even insignificant – however, it has a big impact on your website’s security that you should know. In order to understand the impacts of an SSL certificate, we must first look at what an SSL certificate is.

What is an SSL certificate?

A Secure Sockets Layer (SSL) Certificate is a way of recognizing your website as safe and trustworthy for your customers. The certificate itself encrypts data sent from your website’s visitors in order to prevent hackers and cybercriminals from intercepting it.

To be specific, the SSL creates a secure link between the web server and the web browser. Think of it like a wire, the electricity is the data being transmitted from the server to the browser, the plastic coating is the SSL certificate. It acts as a protective shield in order to stop anyone from touching the wire.

Over the years, the SSL certificate has been modified and adapted to best suit the security needs of the time. After the original SSL certificate had a few errors, the reinvented TLS (Transport Layer Security), which is what a lot of modern day certificates are still using. However, all of them tend to be referred to as SSL, it’s just easier!

How to fix the Site Not Secure error on your WordPress Website

The following process involves installing an SSL certificate, which is a process that will take a little while. It is also quite a long process in terms of the actions involved, so taking a backup of your website is highly recommended.

1. Choose an SSL certificate to install

Choosing the right SSL certificate can be a daunting and hard task. With so many SSL companies out there, it can be confusing to know which is the right one. Luckily for you, we’ve found a couple of easy options.

Website Security with Elite (Recommended): The reason we believe this to be the best option is that for just $4.99 per month, you get a:

• Firewall
• SSL certificate included in the firewall.
• Malware scanning.
• Annual site cleanup and remediation.

It really is a no-brainer.

Or you can opt for a simple SSL certificate: There’s nothing too special about this, it’s just an SSL with no extras.

Once you’ve finished installing your SSL certificate, you’ll need to redirect your HTTP links to HTTPS, in order for your websites visitors to discover your new links effectively.

2. Update Outgoing Links to HTTPS

To ensure a secure connection, it’s a good idea to update your outgoing links to use HTTPS instead of HTTP. Doing so ensures that the connection between your website and the linked website is secure, and improves the user experience by preventing the browser from displaying a security warning.

3. Add Redirects to Non-HTTPS URLs

Adding redirects from non-HTTPS URLs to HTTPS is another effective measure to secure your website. This can be done by using a redirect plugin, modifying your .htaccess file, or using a server-side language.

4. Update your XML sitemap and resubmit to Google Search Console

Now that you’ve successfully installed an SSL certificate, tell people! There’s no use updating it and doing nothing, you want people to be able to find your newly-secure website. If you don’t complete this next step, Google will not recognize your HTTPS version and will continue to collect data from the old, HTTP version of your site.

In order to do this, go to Google Search Console. From here, you’ll want to add a new property for your HTTPS version of your site. Do this by selecting the website, and then entering your website’s URL. After that, you’ll need to re-enter your sitemap files, once again with the HTTPS versions.

Now you need to do the same on Google Analytics. If your Search Console and Analytics are linked, you can do this simply. Navigate to property settings and then the default URL. You should then be able to click on a dropdown button and select https://. Then click on view settings and do the exact same. And voilà! Google will now scan and collect data from your new, safe website!

Mixed Content Issues

There may be a few instances where the redirection process may not go to plan. In this case, you may see some errors, or incomplete merge processes. These are known as Mixed Content Issues, as it sometimes will display both HTTP and HTTPS on your site. You will be able to identify Mixed Content Issues easily through the SSL Checker Tools we’ve linked above.

If you have mixed content issues and are looking to get rid of them, take a look at this useful blog post by WP Beginner, which will show you how to fix mixed content issues using the SSL Insecure Content Fixer plugin.

Other Benefits of SSL

Aside from enhancing your site’s security, an SSL certificate can also help with SEO (Search Engine Optimization). Google has confirmed that HTTPS pages may receive a slight boost in search rankings. However, this isn’t a replacement for thorough, high-quality SEO.

Why is Website Security Important?

1. Protect Your Visitors

As a business, it’s your duty to protect your clients’ information. A secure website ensures that your customers’ sensitive data isn’t exposed and misused.

2. Safeguard Your Online Assets

A secure website also protects you from cyber threats. By installing an SSL certificate and other security measures, you reduce the risk of cyber-attacks and safeguard your website from potential damage.

3. Boost Your Competitive Advantage

A secure website gives you a competitive edge by improving your search rankings, reducing the risk of cyber-attacks, and increasing trust among your customers.

4. Maintain Your Reputation

A secure website not only protects your visitors’ data but also boosts your reputation. Customers are more likely to do business with a website they trust.

5. Avoid Loss in Sales and Revenue

Website security also plays a crucial role in your business’ financial health. A secure website ranks better in search engines, earns customer trust, and ultimately, increases sales and revenue.

In summary…

Website security is not something that should be taken lightly. If your website is displaying a ‘Site Not Secure’ warning, it’s a clear indication that you need to take action to protect your site and your visitors. By following the steps outlined in this guide, you can ensure your website is secure and provide a safe browsing experience for your users.

Remember, the Internet is a vast and complex space, and it’s our responsibility as website owners to make it a safe place for everyone. Stay secure, and happy browsing!