If you’re reading this you probably have a site you own or work on that is triggering a not secure warning in Google’s Chrome browser and you wan’t to get rid of it.
Chromes ‘Not Secure’ warnings can appear on a page for a number of reasons, but is most commonly down to linked resources that are not using the HTTPS protocol. Another common issue is that you have form fields embedded on your page that is used to gain personal or sensitive data.
Google originally announced the update in September 2016, and is intent on ensuring webmasters are careful with the way they handle sensitive data on their sites.
How to Find the Not Secure Issue when on HTTPS
If you do have an issue with the not secure warning displaying despite you being on HTTPS then it is very easy using chrome to highlight why this is appearing.
- Whilst on the page in question, simply open Chromes Developer Toolbox either via the menu bar (View -> Developer -> Developer Tools) or Right Click on an empty space of the page and click ‘Inspect’.
- In the developer toolbox, click the ‘console’ tab
- Review any warnings that are being displayed with the message “Mixed Content: The page at ‘https://www.domain.com/’ was loaded over HTTPS, but requested an insecure *”
Once you have highlighted what resource is causing the issue then you will just need to update the resource to be loaded over the HTTPS protocol by updating the resource URL. If you are using a 3rd party resource that is hosted on another domain then it will also need to have it’s own SSL certificate that will support HTTPS.
How to Resolve issues with Insecure Forms
If your site is displaying a not secure message because of an insecure form it is likely that you are not using the HTTPS protocol. Wherever you are gathering input data from a user you must now by Google’s guidelines load all content over HTTPS.
If you do not currently have a HTTPS solution in place, then there are a few options available to have this set up relatively quickly. You can either pick up your own SSL certificate and this installed on your site (Recommended) or you use a tool like Cloudflare or Let’s Encrypt that both offer free easy to set up SSL certificates as part of their platforms.
If you require any support or help on setting up or debugging HTTPS issues on your site then drop me an email on [email protected]