Web Browsers Now Marking HTTP sites “Not Secure”

Web Browsers have now started marking HTTP sites as  ‘Not Secure’ with release of Chrome 68+.

Web Browsers Now Marking HTTP sites "Not Secure"

For the past several years, Google strongly advising webmasters (sites) to adopting HTTPS encryption. Google said that within the last year, they helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as “not secure”.


Lately at SSL Support Desk – Acmetek we have been getting a lot of clients coming across a “Not secure” message on their website even after installing an SSL Certificate. 

Causes:

  • Now with Chrome demanding that everything be in https admins must forward all traffic on websites to https. Non https encryption sessions will show the “Not Secure” message within a Chrome URL.
  • You have the SSL Certificate installed on your website but you are not automatically forwarding web traffic to https for encryption.

Resolution:

Even if you have an SSL Certificate installed on the website there is a special web configuration that network admins must make to forward all traffic to https. How to forward web traffic will vary depending on your server or website cloud provider.

Example:
If I type in www.localhost/ssl into my Chrome browser without forwarding traffic to https I will go into a regular non https session and get the “Not Secure” warning message. This non https session is referred to as a regular session or http – port 80

Web Browsers Now Marking HTTP sites "Not Secure"

But because we have forwarded all traffic to https users will automatically get sent to the secure https session without even knowing it.

Web Browsers Now Marking HTTP sites "Not Secure"

Many browsers have become the enforcers of security. The likely hood of this happening with other web browsers is highly likely. All Admins should now forward their website traffic to https if they want to avoid Not secure messages on browsers if they want to avoid those ugly warnings.

Consult your web admins or web developers on how to perform this configuration.


Posted by:
Dominic Rafael
Senior Lead IT Engineer
Be sure to Subscribe!!

Recent Posts

S/MIME for Outlook O365 Windows

Add to Favorites S/MIME Advantages of S/MIME Certificates S/MIME (Secure/Multipurpose Internet Mail Extensions) certificates offer several advantages when it comes to securing email communications. Here

Read More »

Abbreviations

Add to Favorites There are literally thousands of IT abbreviations out there. Many are concerned with the technical aspects of the computer, while others deal

Read More »

SSL Installation on Qmail

Add to Favorites SSL Installation on Qmail Qmail is a secure, reliable, efficient, simple message transfer agent. It is designed for typical Internet-connected UNIX hosts.

Read More »