How to Fix Chrome Not secure labelEven if You're a "zero tech" Small Business Owner
How to fix Chrome Not secure label
How to fix the Google Chrome Not Secure label problem with your website for FREE even if you are a complete tech newbie!
They’re popping up everywhere and many (most?) small business owners are either totally unaware or if they are aware, they’re clueless as to how to fix this potential conversion killer. This is understandable as most small business owners are busy running their businesses and don’t have time to deal with these “techy” issues.
What is this potential conversion killer? On July 24, Google Chrome began labeling HTTP websites as Not secure.
“The reason for the move is simple: “When you load a website over plain HTTP, your connection to the site is not encrypted,” said Emily Schechter, Chrome security product manager, in today’s blog on the move. “With HTTPS, your connection to the site is encrypted, so eavesdroppers are locked out, and information (like passwords or credit-card info) will be private when sent to the site.”
Now the real fix to get your website communications secure, is to install an SSL Certificate on your webserver so all sessions between the server and a user’s browser are encrypted. The SSL encryption protocol has actually been replaced with a newer more secure protocol called TLS and the latest version is TLS 1.3. But old habits die hard and the SSL moniker is still used even when we’re really dealing with TLS.
Want to check your browser TLS client? Check it here: https://www.howsmyssl.com/
However, installing an SSL certificate on your server is certainly not for “tech newbies”. Not to worry though, as I’ll show you how to take the first step on the road to security for your website even without installing a certificate.
To begin, we’re going to use the FREE Cloudflare reverse proxy server. Don’t worry about the technical jargon though as this will be a simple point and click solution. Before we begin, you’ll need some info about your domain, the user name and password to log into your Domain Registrar. This is where you purchased and registered your domain name. This may or may not be where your website is actually hosted (web host). Now that you have that, let’s begin. Go to https://dash.cloudflare.com/sign-up
As part of the signup process, you’ll need to point your DNS nameservers to Cloudflare nameservers. This is where, as mentioned above, you will need to login to your Domain Registrar and change the nameservers. Here’s a Cloudflare video on how to do that.
Once you have made that change, remember it may take a while to propagate, here’s how we’ll use a Cloudflare SSL certificate to protect our website.
then in the first section, we want to select Flexible. This will encrypt communications between the browser and Cloudflare. Eventually, you’ll want to have an SSL certificate installed on your webserver so the path from Cloudflare to your server is also encrypted. But for now, this is enough to get the Chrome browser to label your site as Secure!
A couple other settings while we’re in the Cloudflare Crypto section.
Turn on the Always use https option
and finally, turn on the Automatic https rewrites.
That’s it. Depending on your site and the number of http:// links, you’ll now see either Secure or the icon for Mixed Content:
This fix gives you partial encryption and replaces the Chrome Not secure icon with the mixed content warning. If you want to display the Secure label in Chrome, you’ll need to fix your mixed content by replacing all http:// links on your site with https:// links. And if you install a certificate on your site you’ll gain encryption of the full user path from their browser to your server and back. Many web hosting companies are now offering the free Let’s Encrypt certificate and may even install it for free. Check with your web hosting company. Once your certificate is installed, you would then change your Cloudflare SSL option to at least Full.
Or you could do this: Sign up for my Web Hosting Plus and I’ll not only take care of this but all the other chores, like removing the mixed content warning, that give your business a solid foundation to grow on. There are more Cloudflare optimizations that along with on-site optimizations will deliver your business a super fast and fully secure website, just like this:
Other browsers, including Firefox, have indicated they’ll also be displaying their own version of the Chrome Not secure label. Now is the time to become fully secure and reap the benefits.