Issue
I recently created a website for my client's business. We bought and setup an OV SSL certificate from GoDaddy, the same platform we're hosting on. But for some reason, Safari is flagging the whole site as not secure, whilst Chrome and Edge are saying its secure. All the links on the website have an HTTPS prefix and all the images are hosted on the server. Its only a small website advertising his business, its got about 5 pages. Why is Safari flagging the site as not secure? Please help.
Solution
Browsers auto-complete the URL schema when an address or hostname is typed in. Currently, there are some browsers auto-completing to https://, while some still autocomplete to http://. The latter seems to be the case with Safari.
So actually, Safari is marking your http website as unsecure, which is as expected.
For several years now browser vendors have been transitioning to encryption by default, taking increasingly strict measures to do so, like connecting on https by default.
A website usually can be reached on both schemes when a certificate is installed. So one would add a 301 redirect from http to https to force every one to use the encrypted connection. This redirect is missing in your configuration. Often, it can be activated with a simple checkbox in the web hoster’s configuration pages.
It is best practice to preserve all other parts of the request during the redirect, except the schema, so that existing links still work. e.g. http://example.com/test.html would redirect to https://example.com/test.html
Answered By - Andy Answer Checked By - David Marino (PHPFixing Volunteer)
Posts
0 Comments:
Post a Comment
Note: Only a member of this blog may post a comment.