Why is my website marked as insecure?

When setting up a new website – or when viewing a legacy website – it is not uncommon to see a message in your browser address bar marking the site as “Insecure”, “not secure” or similar. This will often be accompanied by an open padlock or another icon.

This does not mean the website you are viewing has been hacked or compromised in some way, it means that the connection between your browser and the webserver is not an encrypted.

Data transfers across the internet via multiple hops, bouncing from computer to computer until it reaches the intended destination. If this data is not encrypted, the data can be intercepted and read. This is a particular problem when transferring passwords or financial information between a browser and a server.

You can solve this problem by ordering and installing an “SSL Certificate” from your webhost. This allows data transferring between a browser and server (and back again) to be encrypted before transfer, creating a secure transmission.

If you are not transferring sensitive information you might think this is not a problem. Wrong. The big search engine companies now penalise websites that do not have a secure connection meaning your website is less likely to be found without an SSL certificate.

SSL Certificates are provided by an issuing authority and will usually make an annual charge for this.
Article published 22nd June 2022
Last modified 02nd November 2023