My website is marked as unsafe by Google Chrome, what should I do?
Enterprises that are independent foreign trade stations should often encounter this problem. The website is marked as unsafe by Google. This article tells you how to solve this problem.
To help web users browse websites more securely, Google Chrome displays a lock icon in the address bar to indicate a website secured by an SSL certificate (HTTPS).
Google Chrome didn’t show HTTP connections as non-secure until January 2017; at this point, Google started pushing updates to their Chrome browser to better indicate to users whether a website is secure.
If a web page collects passwords or credit cards over a non-secure connection, the non-secure label appears in the user’s address bar.
- Google warns sites are not safe
- In the following cases, HTTP web pages will be marked as “Not Secure” in the URL bar.
- User browses in Chrome incognito mode.
- This page contains a password field.
- User interacts with any input field.
According to the Chrome security team, after the release of Chrome 56, HTTP sites with credit card or password fields saw a 23 percent decrease in pageviews. However, these aren’t the only two things to protect. Therefore, all web pages that require user input should be private and secure.
Google made the change to make it more clear to users that HTTP does not provide data security. In the absence of data security, the UI should display a notification so the user can make an informed decision about how to interact with the site.
Fix Google Chrome’s insecure warning
To ensure that users don’t get “not secure” warnings when they visit your website, you must ensure that all pages that contain input fields are only rendered on secure origins/URLs.
All content should be loaded over HTTPS and pages should not contain any forms embedded in secure HTTP iframes.
Google’s plan is to eventually display all pages served over HTTP as insecure, so it’s a good idea to plan to move your entire website over to HTTPS.
To serve your website over HTTPS, you will need to purchase an SSL certificate. Once the SSL certificate has been issued to you and installed on your server/website, you can start loading your website over HTTPS by visiting https://www.yourdomain.com.
As your website loads over HTTPS, and everything loads over HTTPS, including images, JS files, and CSS files, your users will see the secure icon and no more warnings.
