Rick's Daily Tips

Your daily dose of practical, easy to follow tech tips!

  • Home
  • Rick’s Bio
  • Advertise
  • Privacy Policy
  • Rick’s Tip Jar
  • Get My Tech Tips Newsletter
  • Contact Me
You are here: Home / Tech Questions & Answers / Q&A: Why is Chrome saying my blog is insecure?

Q&A: Why is Chrome saying my blog is insecure?

Posted on August 8, 2021

1.1k
SHARES
ShareTweetSubscribe

Click here to sign up for my free Rick’s Tech Tips Newsletter!


Question from Carol:  I have a blog and my web host recently installed a free Let’s Encrypt security certificate on it for me.

When I try to access the blog with https: in the URL instead of http: Chrome displays a warning that the site is insecure.

The strange thing is this doesn’t happen on every page, just on some pages (including the Home page). The rest of the pages are marked as secure.

I sent my web host a message a couple of days ago and another one last night asking what the problem could be but so far I haven’t heard back from them.

Do you have any idea what could be causing Chrome to flag my blog as being insecure?

Rick’s answer:  Carol, this issue typically occurs when a “secure” page is calling one or more resource files (i.e. images, CSS files, Javascript files or some other type of external content) from an insecure URL.

In most cases, the problem resource is being called from a URL that begins with http: instead of https:.

Every resource call on a secure web page must be called from a secure https: URL or you won’t get the padlock in the address bar and the browser will flag the page as being insecure.

Just one insecure resource call will result in the entire page being marked as insecure.

This situation is referred to as a “Mixed Content” issue and the exact cause(s) of this issue can be very difficult to track down and fix without a little help.

Luckily, that help is readily available via an amazing free online tool called “Why No Padlock?“.

Using “Why No Padlock?” is easy. Simply follow the steps below:

1 – Visit https://www.whynopadlock.com with your preferred web browser.

2 – Type (or copy and paste) your blog’s URL into the “Secure Address” box.

3 – Check the box to prove that you’re a human instead of a robot.

4 – Click the Test Page button.

The tool will now run a test on your page to track down and identify any insecure resource calls or other types of issues that could be causing the page to fail the security test.

After the test is complete (which could take anywhere from several seconds to several minutes) you’ll see a list of all the issues that were found printed on the screen.

If your blog is typical most or all of the issues found will be resources that are being called from insecure http: pages.

Luckily, those are usually very easy to fix simply by finding those URLs in the page’s source code and changing the http: part of the URL to https:.

Of course that will only work if the page the flagged resource is being called from is actually encrypted (i.e. secure) itself.

If you need help with making the needed change(s) your web host might be able to help. If not, you might need to hire a pro to help you fix the issue(s).

I hope this helps, Carol. Good luck!


 

Cick here to ask me a tech question.

 

1.1k
SHARES
ShareTweetSubscribe




Popular…

How do I ask you a tech question?


Step-by-step guide to completely ridding your PC of viruses and other malware


10 reasons why I recommend buying tech gear from Amazon


Advertise

Guest Post Guidelines

Want to ask me a tech question?

Handy Tech Resources

Privacy Policy

Computer Tips
Smartphone Tips
Blogging Tips

Tech Q & A
Reviews
Tech News

Write for RicksDailyTips.com

Scam alerts
Downloads

Copyright © 2023 RicksDailyTips.com

Affiliate Disclaimer


Rick's Daily Tips is hosted by InMotion Hosting. Click here to find out why.