Persistent notice “insecure” by Google Chrome

  • Hi,

    over the past few weeks, four of my six WordPress based sites have been almost continuously seen as having insecure content by google Chrome (translated from my language into English, the error says: “The connection to […] is not secure. You see this warning, because the website does not support HTTPS.”

    However, when checking e.g. with https://www.jitbit.com/sslcheck/ or other tools, I did not get any clues (I could interpret?). I do have enforced SSL and I set the plugin “SSL Insecure Content Fixer” to the highest level. Still, it did not help. I also tried to use the “examine” function of Chrome, but did not see any mixed content during the last days.

    I also searched for https:// and http/ and replaced it. Still, the warnings show up.

    There are days, when one or the other website are not labelled as insecure, but, then, the others are still. I really do not know what to do any longer. Can you, please, help?

    (I have linked a page where I list all the sites in the field “Link to the page you need help with” in order to be able to edit flexibly even after posting this and note there if something changes or delete the page, once the problem is resolved. I hope that is ok.)

    All just happens with Google Chrome.

    I would be very thankful for advice. (I am not a programmer or coder, so I would be particularly happy if I also could understand it ; ) )

    The page I need help with: [log in to see the link]

Viewing 6 replies - 1 through 6 (of 6 total)

  • I checked your sites (only the homepages) but I didn’t see a single “insecure” in any of the three sites.

    See: https://i.snipboard.io/6tOTvu.jpg

    I also manually examined the sites’ code and run the sites through tools like WhyNoPadlock, etc — but I didn’t see any mixed content issues. All SSL certificates are also valid.

    Unless the issue can be reproduced, it’s unfortunately impossible to provide any further assistance.

    Thread Starter lovinglyhappy

    (@luckilyhappy)

    Hi George,

    Thank you very much for checking. Could it be an issue with my individual computer and browser then? I had also asked a friend to check on his computer a while ago, he had no warnings, but I thought maybe it was chance or he had not properly deleted cookies etc.

    If it is just my Chrome browser, I can live with it (it even says “insecure connection” when I want to access yahoo.de, can that be right?). My only concern is that others might have the same problem and then not visit my sites. But when it is only my individual browser, (almost) all would be well.

    • This reply was modified 2 years, 4 months ago by lovinglyhappy.

    If it is local problem (ie coming from your computer or internet connection), then the common culprits are:

    1) Wrong computer time: check your computer’s time to be sure it’s correct.

    2) A security software/hardware “inspecting” all incoming/outgoing traffic (the said software will decrypt all incoming traffic, inspect it for malware or corporate compliance, and re-encrypt it with a “fake” certificate, which can lead to all sorts of difficult-to-track errors).

    If your computer’s time is correct, then kindly check the actual SSL certificate seen in your browser when you see this “insecure connection” message.

    For the first domain on your list, the certificate should look like this screenshot. If you see any other domain name (other than the one you visited) or a certificate issued by another organization (other than R3/LetsEncrypt), then the second scenario I mentioned above is happening on your computer/network.

    There are other possibilities as well, like SSL cipher suite not supported by your OS/browser version or configuration. But above are the lowest-hanging fruits.

    Thread Starter lovinglyhappy

    (@luckilyhappy)

    Thank you again for your reply. Date and time on my notebook (Lenovo/Windows 10) are correct. I am using Panda Dome as antivirus programme and Malwarebytes Windows Firewall Control. I also use AdGuard (but also tried with it deactivated, which did not make a difference.) But I have used them for a few years, and this never happened until the recent two months or so. The certificate shown is the correct one, as shown in your screenshot, too. That is what made it so irritating: Everything seems secure, no mistake visible, and still these warnings…

    Thank you for taking the time to let me know that it might be a computer system problem. If it is really just in my system and if others will not see the warning when trying to access my sites, is fine. I can just click through to the pages in my browser. I only want to avoid that others are deterred to visit my sites by a warning that it was insecure.

    • This reply was modified 2 years, 4 months ago by lovinglyhappy.
    • This reply was modified 2 years, 4 months ago by lovinglyhappy.
    • This reply was modified 2 years, 4 months ago by lovinglyhappy. Reason: spelling, wording
    • This reply was modified 2 years, 4 months ago by lovinglyhappy. Reason: addition

    I can just click through to the pages in my browser.

    OK, this is a good hint. Are you seeing something like the screenshot below (not your website)?

    If not, can you kindly provide a screenshot of what you’re seeing? (Please let the address bar show, but you can block a part of your domain.)

    Thread Starter lovinglyhappy

    (@luckilyhappy)

    Yes, that is what I was referring to in my first post, the warning reading, when translated into English “The connection to […] is not secure. You see this warning, because the website does not support HTTPS.”. I have uploaded a screenshot here.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Persistent notice “insecure” by Google Chrome’ is closed to new replies.

Tags