We've all seen a website highlighted as insecure, either with the insecure mentioned in the browser address bar or the full page privacy warning.
All sites added to the platform include web server config that will help reduce the amount of times that you get these warnings when hosting with Nimbus.
This article explains what to do if you still see one of these warnings on a site that you manage. Firstly, we'll look at the insecure label in the address bar.
Insecure label in browser address bar
This is highlighted bar the image shown below:
This is typically due to one of two reasons. The first is that the site is being loaded via http rather than https, any site loaded over http will have the insecure label. To resolve this you should look to add a redirect so that users end up on https. To do this you can utilise the http to https redirect feature in the Nimbus Hosting platform, see the screenshot below. You just have to enable the feature on the Aliases & Redirects page.
Alternatively, you can utilise the steps in the guide below to ensure https is used via the application itself.
The other reason for the insecure label in the browser bar is mixed content. Mixed content is where some content on the site is loaded via https but some is loaded via http. In the address bar it may show that the website has been loaded via https but there may be an image or other component that is loaded via http. The tool below is great for showing you what elements of the site are causing the insecure label so that you can correct them.
Privacy warning
This is the very scary looking warning shown below.
This page will be displayed when a website is loaded via https but the installed SSL is invalid. An SSL will be considered invalid if any of the below are try:
1. The SSL has expired - SSLs are for a fixed period and need to be renewed
2. The address in the browser address bar does not match a name covered by the SSL
3. All parts of the SSL have not been installed correctly. An SSL plus certificate from the SSL provider must be installed
The below link is great for checking the validity of an SSL, any warning highlight an area to be addressed.
The below screenshot is from the above tool that highlights what to look out for.
A quick way to fix an invalid SSL via the Nimbus Hosting platform would be to install a free Let's Encrypt SSL, see the guide below. If you utilise a paid for SSL from Nimbus then please contact our support team.