Web security infographics

The web browsers display a “Not Secure” signal to your visitors if your site doesn’t load over HTTPS and if you don’t have an SSL certificate. But it’s very easy to fix the “Not Secure” issue on your WordPress website.

How to Fix “Not Secure” Privacy Warning in WordPress Website?

Time needed: 10 minutes

Follow these simple three steps

  1. Install & activate the SSL certificate on your hosting.


  2. Enable 301 redirects on WordPress


  3. Enable 301 redirect on .htaccess file


Install SSL Certificate on Your Hosting

Installing ssl certificate
Install SSL Certificate on Your Hosting

Some hosting comes with a pre-installed SSL certificate. But if your hosting does not have it yet, go ahead and Install & activate the SSL certificate on your hosting.

So you can skip this step if the SSL has been already installed on your server. But if you need to install it manually, ask your Customer Support Team to install it on your behalf.

Not to mention, some of the hosting packages may not have a free SSL certificate. And in this type of case, you need to buy an SSL certificate separately.

What is SSL anyway:

SSL stands for “Secure Sockets Layer“. It makes sure the connection is secure between the browser & your website. If you want to learn more about SSL, check an article on the ssl.com website.

Alright, once the SSL certificate is activated on your hosting, follow the next steps.

What Is 301 Redirect and Why It’s Required

301 redirect

301 redirect refers to “Moved Permanently“. It’s also beneficial for Search Engine Optimization.

If you want to learn more about the 301 redirects, read a post on the MOZ website.

However, you may think that is why it’s necessary to enable 301 redirects since SSL is already activated on your server. Here is the simple clarification:

Only by activating the SSL does not force your visitors to SSL or HTTPS.

Imagine someone manually typed your website URL and without the “HTTPS” portion. In this case, your website will load over “HTTP.” And your visitor will still have the “Not Secure” signal in the browser, even though you activated the certificate.

Also, Google and other web crawlers may index your website without the “HTTPS” portion. So if someone finds your website in the search results & clicks the link, they will also see the “Not Secure” signal.

This is just because your WordPress site is not forced to “HTTPS“, and that is why it does not load over SSL.

Enable 301 Redirect on WordPress & HTACCESS

really simple ssl wordpress plugin

You can enable 301 redirect with a few clicks. Just install & activate a plugin called “Really Simple SSL”. This plugin will do all the heavy lifting for you. It will enable 301 redirects both for WordPress & HTACCESS.

The plugin is very simple to use and there is nothing so much with configuration. Just activate it and follow their instructions.

That’s all you need to fix the “Not Secure” issue on your WordPress website.

You might think that what is “HTACCESS“! Because we used this term a few times on this post but never explained it.

It’s a hidden file called “.htaccess.” And this file lives in the same directory where the WordPress system file lives. To clarify, it lives in the same directory where the “wp-content”, “wp-admin”, “wp-includes” folders are located.