Does the web browser show the user a message “This site is not secure” when visiting your site?
SSL certificate issues are one of the most common reasons for this.
In this article, you will learn about the most common SSL problems so that you have sufficient information to solve this problem, which helps your site remain in a safe state for visitors as well as for search engines.
Many website owners in general, and WordPress in particular, face the problem of the site not being secure alert appearing, which may affect visitors’ confidence, especially since all modern web browsers have begun to pay great attention to verifying the secure connection within websites using an SSL security certificate:
Before we discuss the most common SSL problems and ways to solve them on WordPress sites, we will first talk about some tips regarding choosing and installing an SSL certificate on your site so that you will not be surprised over time that the connection to your site is not secure. You may notice a significant decrease in the number of visitors, and the search results that appear may be affected. On your site if the problem persists for a long time:
- Basically, make sure that your site already has an effective SSL certificate, as some hosting companies do not install the certificate automatically, and you must then install the certificate yourself in order for it to work properly on the site and all the links within it.
- If you purchased an SSL certificate from a different company than the one you purchased the domain name from, make sure you verify ownership of the domain name so that the certificate is issued properly.
- If you have a number of subdomain names under your site’s main domain name, make sure that the SSL certificate is also effective on all subdomains such as www.subdomain.Example.com
- If your site is simple and you cannot afford to purchase an SSL certificate, you can obtain an SS certificate for free and install it on the site, as it is considered an essential element to avoid the “connection is not secure” problem.
1- The message “The connection is not secure” appears.
If your site does not use an SSL certificate and then you purchase the certificate and install it on the domain name, then you will most likely face the problem of an unsecured connection and perhaps problems opening many website links as well. This is because the website link before installing the SSL certificate was working in the http format and not https which is a prefix. Link to the new website after installing the certificate on it.
Therefore, there are some procedures that must be taken after installing the SSL certificate on your WordPress site to ensure that the site is properly opened to visitors normally.
First, you must change the site link addresses from within the Settings << General tab within the WordPress control panel, where you will find that site links begin with http, and here you must add the letter S so that the prefix of the links becomes https, for example if the site link is http:/ /site.com you should change it to https://site.com:
In this way, you have updated the WordPress links to the new format that begins with https instead of http, which most web browsers consider to be an unsafe format for communication between visitors and the site’s content
electronically.
Changing links within the WordPress control panel is not enough to eliminate the problem of unsafe connection to the website, especially immediately after installing the SSL certificate. Also, website links that contain the http format must be updated within the databases.
You can update unsafe http links within the databases. You can contact the database manager Phpmyadmin from within the hosting control panel, then enter the WordPress database, go to the Search tab and type http to search for all links that begin with this formula within the WordPress databases:
Note : We always advise you to make a backup copy of WordPress before starting any modifications to the site’s databases in case of any data loss or sudden malfunction.
The search will begin for all links that contain the unsafe format http in all tables located within the WordPress databases on the site, and you will find a Browse search results button that you can click next to any of the tables that already contain those links that you want to update:
You will see all the rows inside the database tables that contain the link in the http format, which can be easily updated by clicking on the Edit button next to each of the rows shown in front of you, and updating the format from http to https.
Updating links within databases using plugins
The method that we explained in the previous paragraphs requires you to log into the site’s databases yourself and start updating all links that begin with the http encoding to the secure https encoding. However, there is an easier solution that does not require you to log into the WordPress databases, which is by using a specialized plugin.
One of the most popular plugins that help you search within WordPress databases and replace any value with another value is the better search replace plugin .
After installing and activating the add-on on the site, you can go to its settings tab, to find field (1) in which you write the encoding you want to search for within the databases, which is http in this case, and in field (2) you write in the new encoding you want to replace, which is https in this case. the condition:
The extension will update all links that start with http to the secure https prefix without your intervention and also without the need to enter databases and perform search and replace yourself. You can also delete the addition after completing the required task if you do not need to use the other options as you have completed the required task.
2- Solve the problem of “your connection is not private”.
Internet sites often face the problem of some browsers notifying “Your connection is not private,” especially sites that already use an SSL certificate, but suddenly this notice appears in front of site visitors:
This error is very largely caused by a sudden problem with the SSL certificate that your site uses, and one of the most prominent of these problems is the expiration of the certificate, as most companies provide you with an SSL certificate with a renewal system every year or several consecutive years, and in this case you must be careful. You must renew your subscription to the certificate to avoid this notice appearing.
You will often find a notification inside your account with the hosting company that you use for your website informing you that the date for renewing the SSL certificate is approaching, which helps you renew the certificate at the appropriate time to avoid the emergence of a connection problem that is not specific to your website:
3- Solve the problem of incorrect timing and not reading the SSL certificate
Sometimes the SSL certificate works perfectly on the website and is very effective, but a message appears to one of the visitors telling him that the time and date are incorrect, which causes https to not appear at the beginning of the website link, which prevents visitors from entering the website directly:
This problem is very simple and does not require action from the site owner because the SSL certificate works well, but the problem is in the visitor’s computer, as the timing on his computer is not set correctly, which in one way or another caused the web browser not to read the SSL certificate well, causing the appearance This notice.
This problem disappears immediately if the visitor updates the time and date on his computer and he can immediately access the website link without any problem.
4- Solving the problem of “the connection to the site is not completely secure” or what is known as mixed content
The problem of a completely insecure connection or mixed content does not mean that you are not using an SSL certificate on your site, but it means that some links on your site work in the secure https format and some other links work in the unsafe http format, and this problem often occurs on sites that were not using it. SSL certificate and then the certificate was used which may cause this problem to appear.
The problem of mixed content in short, or as some browsers call it “the connection is not completely secure,” means that the link to the home page of your site may be https, which is the secure encoding, but there are some files inside your site that are called with the http encoding, such as images that are called via their links or code files. Programming such as CSS files, Javascript files, etc.
Solving this problem manually will be very complicated, and you will have to access all the code files for the template used on your site and search for any link bearing the http encoding and then replace it with the https encoding, which may cost you a lot of time and effort.
Instead of searching for mixed content yourself within all the site’s code files, as well as media files and images, you can install one of the add-ons that does this task automatically.
One of the most famous add-ons that solve the problem of mixed content is the Really Simple SSL add-on, which once installed and activated on your site, you can go to its settings tab to notice the option (fix mixed content), which can only be activated so that the problem is solved automatically without your intervention:
5- Solve the problem of Too many Redirects
One of the most prominent problems related to the SSL certificate is that the Too many redirects notice is displayed by many web browsers.
This problem often appears on sites that were not using a secure https connection and then moved to it after a while. In most cases, the reason is the presence of the FORCE_SSL_ADMIN function, which forces the browser to use the https encoding on the WordPress login page. This function is often present in templates. Modern WordPress.
To solve this problem, we will use the following code to prevent repeated redirects every time we connect to the WordPress login page. You can write the code inside the wp-config.php file at the end of the code inside the file:
if (strpos($_SERVER[‘HTTP_X_FORWARDED_PROTO’], ‘https’) !== false)
$_SERVER[‘HTTPS’]=’on’;
I also noticed that most of the most common SSL problems occur with sites that do not use the https secure connection and then start moving to it after a while. Therefore, it is very important to install an SSL certificate on the website from the first day of its launch over the Internet, while making sure to renew the subscription to the certificate permanently until Web browsers do not display privacy and security error messages to website visitors.
Finally, if you have installed an SSL certificate on your site recently, I advise you to also update the site link in Google Webmaster Tools, and add the site again using the secure link prefix https so that you can monitor the appearance of all your site links in search results well:
Leave a Reply