If your website does not have an SSL certificate configured, visitors to your site will see an 'insecure' warning in their web browser. You can see this by clicking the warning icon in the URL bar to the left of your domain.
You'll see a warning similar to the following:
To avoid losing visitors and potential customers, you should make sure your website is using an SSL certificate.
When an SSL certificate is enabled, all traffic within the domain is encrypted. This ensures all communication of sensitive data (such as credit card information or passwords) is protected.
Even if your site does not handle sensitive data (such as credit card information or passwords), it will still be marked as 'insecure' by web browsers. Visitors to your site may be concerned about the warning and choose to avoid your site.
Resolving the warning — Website owners
Add an SSL certificate to your site
To ensure your website traffic is not affected, it's highly recommended you add an SSL certificate to your website. DreamHost recommends adding either a free 'Let's Encrypt' or paid 'Sectigo' certificate.
A self-signed certificate is not recommended as it will still display a security warning in any browser.
- Adding an SSL certificate overview
- Adding a free Let's Encrypt certificate
- Purchase a professionally-signed SSL certificate
Update links to use HTTPS
If your website contains any HTTP links, a mixed-content warning will be thrown. This is when an SSL certificate has been added, but the links within the site were not updated. View the following article for further details.
Add security headers
HTTP headers are information passed between a web browser and a website when it's visited. There are different types of headers you can add depending on the service you would like to implement. For example, you could add security headers to force your site to only load secure content. View the following article for a list of security headers.
Resolving the warning — Website visitors
Clear your browser's cookies and cache
It's possible that old cookies and cache in your browser are causing a website to load old information. Clearing both may resolve this warning.
- Chrome: Cookies and Cache
- Edge: Cookies and Cache
- Firefox: Cookies and Cache
- Safari: Cookies and Cache
Fix date time
SSL certificates have expiration dates. If your computer's date and time is incorrectly set, a website's SSL certificates could appear invalid and therefore display a security warning.