If you receive a "Site Not Secure" error message when accessing a Product or Page refer to this guide to ensure that your site is secure.
In this article:
Understanding Secure vs. Not Secure
What can cause this message?
This message can be caused by conflicting temporary internet files (from web browser caching) or your domain may be directing your visitors to your site using HTTP instead of HTTPS.
What is the difference between HTTP and HTTPS?
In short, HTTPS is HTTP encrypted. The S in HTTPS stands for "secure." HTTPS uses an encryption protocol known as Secure Sockets Layer (SSL) to encrypt HTTP requests and responses. As a result, HTTPS is more secure than HTTP.
To determine if your site is using HTTP or HTTPS:
http://
is using HTTPhttps://
is using HTTPS
This means when your website uses http://
in the URL instead of https://
you can encounter a "Site Not Secure" message.
Read CloudFlare's Guide to HTTPS to learn more.
Troubleshoot your site
First, clear your web browser's cache and cookies
Clearing your web browser's cache and cookies provides a "clean slate" for you. Your browser will be reset and you can try again with a fresh browsing setup. Read popular web browser guides on clearing your browser's cache:
- Learn to clear cache and cookies in Chrome.
- Learn to clear history, cache, and cookies in Safari.
If you are using another web browser, be sure to check its support site for instructions on clearing cache and cookies for your preferred web browser.
Check if your domain redirects to http or https
If your cache and cookies have been cleared, but the "Not Secure" message persists, check to see if your website is using http://
or https://
:
- Enter your domain into the address bar of your web browser.
- Click into the URL to expand and view the entire URL:
Check your DNS records in your domain provider
Ensure that you have set up a forwarding rule for your domain to always go to https://
to secure your custom domain. Each domain provider has their own flow for setting up a forwarding rule, so depending on your host your setup may differ slightly.
If your custom domain still requires a forwarding rule to always go to https://
refer to the guide corresponding with your domain provider. If you are using another domain provider, please refer to their support site for instructions on creating a forwarding rule.
Learn how to add/edit a Forwarder for a few popular hosting services:
Still Experiencing Issues? Contact Support!
Lastly, if you have cleared your browser's cache and cookies and your custom domain is set to always go to https://
instead of http://
, please reach out to our support team.