One minute your website's fine. The next, it's displaying a not secure warning. Maybe you discovered it by visiting your own website, or perhaps a concerned customer got in touch and pointed it out.
However you found about it, you're undoubtedly asking yourself:
Why is my website displaying a not secure warning?
Any website that is not protected by a SSL certificate uses the HTTP protocol instead of the secure HTTPS protocol and so will show a not secure warning when viewed in Google Chrome version 68 and later. Chrome 68 was launched by Google on 24.07.18. Other modern browers may display a similar message.
But what does this mean for your website and how can you make sure the not secure warning isn't displayed?
What does Chrome's not secure warning really mean?
If you are seeing the not secure warning, don't panic. The presence of the warning itself doesn't indicate that your website has been hacked or infected with a virus.
It simply means that you haven't protected your website with an SSL certificate which means it's possible for a third-party to read information transmitted between your website and anyone visiting it.
If your website handles sensitive information such as payment details or names and addresses, it's vital you use an SSL certificate on your website.
In practice, this means that if someone is inputting sensitive data such as payment information or even just their name and address into an unprotected website, then there's a possibility this data could be accessed by someone else and misused.
That's why Google has introduced the not secure warning - so people visiting a website know whether it's safe to enter personal details.
How can I fix the not secure warning?
To fix the Google Chrome not secure warning you need to purchase and properly install an SSL certificate.
An SSL certificate means that any data that passes between your website and people visiting it is encrypted, so it can’t be accessed by a third party.
That’s probably all you really need to know about SSL certificates at this stage, but if you want to know more you can read this guide.
Once your SSL certificate is installed, the not secure warning will disappear. You’ll also notice that the prefix of your web address changes from http to https (the “s” stands for secure), and there’s a little padlock in the address bar indicating that your site is secure.
But first, you’ll need to buy an SSL certificate. GoDaddy offers a range of SSL options, so you’ll be able to find one that’s right for you.
Here are several types of SSL certificates and their use cases:
- Easy SSL Certificates - fully managed SSL, GoDaddy covers the installation and maintenance.
- Wildcard SSL Certificates - strongest encryption in the world, covering one website and all of its subdomains.
- Multi-domain San SSL Certificates - covering up to 100 websites, managed in one place.
- EV SSL Certificates - best suited for eCommerce websites or websites that handle sensitive data.
- OV SSL Certificates - for informational websites, a business site, an NGO or anything non transactional.
- Domain Validation SSL certificates - for personal websites, can be used to protect multiple domains.
You can also checkout our SSL FAQs for help on setting up your SSL, or you can speak to the GoDaddy Guides about setting up your SSL.
(Of course, you could always switch to GoDaddy’s Website builder which comes with a free SSL.)
What else do I need to do to protect my website?
An SSL certificate encrypts the data being sent through your website, but it doesn’t protect your website against being affected by malware or DDoS attacks.
Hacking is a major issue for businesses of all sizes – research by Hiscox shows that one UK small business is successfully hacked every 19 seconds and that the average cost of cleaning up after a cyberattack is £25,700.
If you want to protect your website against hackers, consider using a product like GoDaddy Website Security. The standard package protects one site and includes a firewall to guard against hackers, a DV SSL certificate, malware scanning and annual site clean up. The advanced package adds DDoS protection, unlimited clean ups for your site and 25GB of secure backup.
Are there any other benefits to adding an SSL?
You may have heard that you can boost your search engine optimization by adding an SSL certificate. And although it's true that Google has said https pages may get a small boost in its search engine rankings, you shouldn't expect it to send your site rocketing to first place.
Switching your website to https by installing an SSL certificate is no replacement for conducting good, solid SEO.
If you don't want Google's not secure warning to appear on your website, then you need to install an SSL certificate as soon as you can. Doing so will also ensure that data transmitted via your website is encrypted. But don't forget, you'll need to go further to make sure your website is protected against hackers.