How To Fix The Not Secure Website Warning In Google Chrome
Google recently announced that their Chrome browser will soon show websites without https with a Not Secure warning:
Regardless what type of website you're operating, this will hurt the trust with your users.
Personally, I predict by the year 2020, some web browsers will completely eliminate displaying websites that aren't using SSL.
With all the current fuss about data privacy and protection, companies around the globe are faced to make some pretty big changes, so you should make sure your website is secure!
Free And Automatic SSL
At AppsGators we took the initiative several years ago to begin offering free and automatic SSL certificates to all of our customers.
We felt it was no longer an option to offer SSL as an up-sell, but rather it was a requirement for web hosting moving forward.
Regardless if you're on a Shared, Reseller, or VPS hosting package, you can follow this guide to make sure your website has a secure certificate installed at AppsGators:
How To Verify Your Free SSL Certificate
There are two way to check and see if your website has a free SSL certificate:
Check inside of cPanel:
One of the easiest ways is to login to the website’s cPanel click on SSL/TLS -> Generate, view, upload, or delete SSL certificates.
If the Issuer doesn’t say Let’s Encrypt, then that means the website isn’t using an auto-ssl generated certificate. If it says self signed you may wish to click the Delete link so the auto-installer will replace it.
Check inside of Web Host Manager:
If you have a Reseller Hosting or VPS Hosting package with us, you can easily check the certificates in Web Host Manager -> Manage SSL Hosts:
As with the option in cPanel, you want to make sure the Issuer says Let’s Encrypt. If it says “Self Signed” or is expired, you may wish to click the Delete link so it’ll be replaced.
If you do not see a valid certificate, you can follow this guide to make sure one is installed.
How To Fix The Site Not Secure Error
Once you've verified the SSL certificate is installed on your website, you still have to make sure that all of your pages and elements on your pages are being called from "https."
If you're using WordPress there is a plugin called Really Simple SSL that lives up to its name!
You just need to simply install the plugin, activate it, and allow your .htaccess file to be re-generated.
I've filmed a video tutorial that walks you through this:
How To Force SSL In Your .htaccess File
If you are not using WordPress, you should check with the application developer for best practices to adding SSL to your website.
As a general rule of thumb, your .htaccess file should include code that looks something like this:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
Obviously you want to replace example.com with your domain (or sub-domain).
If you have any questions or need help getting your website secured, please feel free to reach out to our team!
Remember, SSL is and always will be free and automatic at AppsGators!
