How do I know if my website is not secure?

There are two types of website insecurity when it comes to the SSL Certificate on your website.

First, when it does not have a certificate at all. Modern browsers will put a big red warning before letting you access a website like this. There will be no doubt at all if your website is missing a security certificate. The other type of insecurity is more subtle. It is also less dangerous, but increasingly important to to have your SSL configured properly, both for user trust and search engine trust.

If a website is not secure, you can see it in the browser. An insecure website will not show a padlock to the left of the website URL. Instead of a padlock, it will show a warning icon, usually a triangle with an exclamation mark inside it. If you double click into the browser, you’ll be able to see the prefix http://
If a website is secure it will show up as https:// indicating that the website is using an SSL Certificate (Secure Sockets Layer).


If your website is insecure, it means that the connection between your website and your web browser is not encrypted and is at more risk of any data or payment information on your website being hacked. Savvy users will be hesitant to fill out a contact form on an insecure website, because the data they enter is not encrypted as it transfers across the internet. So their contact details could be intercepted, exposing them to more spam. And the risk goes up the more information you ask of your users on any given contact form. Even more, the risk of you logging in to your WordPress admin area if it is not 100% secure, then your username and password has a chance of being intercepted, because it sends it as plain text instead of encrypted data.


Your web visitors will also see a Not Secure or Dangerous warning on their screen when they type in your website URL. When there is an SSL Certificate, but some of the elements on the page are stored as non-secure, then the browser bar reveals this warning if a user clicks on the triangle warning:


“Your connection to this site is not secure. You should not enter any sensitive information on this site (for example,
passwords or credit cards) because it could be stolen by attackers.”


An SSL Certificate is essential for every website now. The installation of SSL on a domain is fairly well automated these days. To avoid  any malicious software being installed on your device, phishing or hacking attempts, we recommend that you also configure the website to correctly use the secure https:// version of your domain only. If you need help with this, please get in touch and MakeWeb can do this for you.