‘Not Secure’ preceding my site address
-
Hi, the last few days my site address is as follows:
Not Secure https://merrymartycards.wordpress.com/
Could you please look into as this is concerning.
Thank you,
Marty FishmanThe blog I need help with is: (visible only to logged in users)
-
Are all the images on your site within your Media Library or are any linked from elsewhere? If you say this is a recent change, have you recently added linked images to your sidebar?
-
Thank you for your response. The images are all within my media library and I haven’t added anything to my sidebar in over a few months.
-
I must admit, my Antivirus software doesn’t seem to like your site. Perhaps one of the sites you link to in your sidebar has been compromised. I have added the modlook tag to ask if a member of staff can check your site.
-
-
Hey there,
I am not sure if this is related to the post you trashed 6 or so hours ago, but I am not picking anything suspicious on my end. Are you still receiving that message?
I looked at the backend of your site and everything looks good as well.
Let me know, and I will be happy to further look for you.
Thanks,
-
Hi Darnell, thanks so much for checking into this for me. I’m still getting the “Not Secure” before my site address and I wonder if other people are getting this too when they look at my site. I did a full scan of my computer last night and there were no issues. Since this just started, I wonder if it’s related to my latest post on 5-17. I downloaded the pics from my camera to computer, but can you check the pics to be sure it’s not one of them? Someone also suggested that maybe one of the widgets on my sidebar became compromised. If you could dig around some more, I’d really appreciate it.
Thank you, Darnell.
Marty Fishman
-
Hi Darnell, when I click on the lowercase letter I in the circle before “Not Secure” and I view the certificate, there’s a certificate warning for WordPress. Not sure if this helps you or not.
Thank you,
Marty Fishman
-
Hi there.
The SSL certificate on your site is fine. That’s actually why you’re seeing an error.
The error you’re seeing is a mixed content error. Different browsers display them differently, but what it comes down to is that some content on your site is being served over a http connection instead of an https connection, meaning while your site is perfectly secure, some of the files being loaded on it are not.
Specifically, some of the badges in your sidebar have http links, not https links, including the Funkie Junkie, Frilly and Funky, Pumpkin Latte, Heartful Stamping, Scrapyland and Craft-Dee Bowz, to name just a few.
I suggest you check if any of those sites have since switched their domains to https and update the links in the widgets accordingly. For the sites that still do not have https on their domains you have a choice – either live with the mixed content warnings, knowing that it can potentially lead to search engines penalising you in search results and some browsers to eventually block your site completely. Or you can remove those widgets from your site.
But this is how an SSL certificate is designed to work, and we cannot do anything to prevent those warnings from our end.
-
Hi, thank you for the explanation and this makes sense . I went through and deleted some badges altogether, and on others Ieft the picture but deleted the link, thinking that would work. Still, I get the “not secure” message in front of my address. Should I delete the badges completely? This might be a silly question, but would upgrading my plan (with my own domain) help or it wouldn’t make a difference?
Thanks for your help!
Marty Fishman
-
Upgrading won’t make any difference here, no. This is central to how SSL certificates work, and not something our paid plans can alter in any way.
Just removing the links is not a fix, as it has to do with the source the images are loading from, not where they are linking.
For example, the Heartful Stamper image is being loaded from http://stampedblessings.com/wp-content/uploads/2016/12/top32-e1482158158822.jpg, which is an unsecured link. And the site http://stampedblessings.com/ itself also doesn’t have SSL, so changing that link to https will just break the image.
But what you could do is download that image from the site where you got it, upload it directly to your site’s media library, and then replace the image in the widget. That will cause the image to be loaded from your site’s own media library, which does have a https link, and you shouldn’t see warnings any more.
-
Hi, I just deleted those badges I mentioned and left only those that link to https: sites. That warning is still there. Sorry to be a bother, but any other ideas?
Thank you!
-
-
I took those out earlier and it didn’t make a difference, so I linked them back in. Good idea, though, thank you.
-
Both the Word 2 Craft By and Sisterhood of Crafters images in the sidebar are being loaded from http links. You are linking them to https links, but the images themselves are being loaded from a http source, as I explained in my previous reply.
It’s not where the image is linking that’s the issue. It’s where the image is being loaded from.
Both those sites do appear to have SSL now, so edit the widgets, click Replace Image, and then edit the insert URL from http to https.
- The topic ‘‘Not Secure’ preceding my site address’ is closed to new replies.
WordPress.com Forums 
