Insecure website warning


#1

How do we secure our site? I’m getting a warning message when I log into my new site/ blog.

Quote from Firefox

Start quote [ Starting in Firefox version 52, you will also see a warning message when you click inside the login box to enter a username or password.
What can I do if a login page is insecure?
If a login page for your favorite site is insecure, you can try and see if a secure version of the page exists by typing https:// before the url in the location bar. You can also try to contact the web administrator for the site and ask them to secure their connection.] End quote


#2

What is your website?

If you use http://YOURSITE.COM then you can only use HTTP not HTTPS so within your script settings for example WordPress make sure your site begin HTTP


#3

Thx for the quick response. I’m in the Wordpress Settings/ general area now.
The WordPress Address (URL) and Site Address (URL) are both the same
http://mysite.com
It appears to be the default setting.
Do I change it to https://www.mysite.com


#4

I can’t log into the blog any more. Firefox has blocked it as an “insecure site”.

“The owner of this site has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.”

Firefox advanced says:
Site uses an invalid security certificate. The certificate is only valid for the following names: *.000webhostapp.com, 000webhostapp.com Error code: SSL_ERROR_BAD_CERT_DOMAIN


#6

@webuser What is your domain name??


#7

Thx again.
Have deleted Wordpress and all dbs , reinstalled a couple of times, and the problem persists.
Have checked the nameservers are set correctly .
Url


#8

The reason is because you are not using “https” or simply “not using ssl”.
So ignore this issue or you can use some plugin…so that you can use admin over “https” and remaining page over “http”


#9

You can check this tutorial…See if this helps you…


#10

Thx. The only option when installing wordpress on 000webhost was to enter the domain name. No option to add https or http.
I’ll check the tutorial. Thx again


#11

The tutorial suggested installing a wordpress plugin (wordpress force http) to over-ride the “insecure site” warning.
If problem persists, then ignore the warning if just logging in as the admin. As the site is secure for visitors. Thx again

Full article here


#12

I get the same error with either http:// or https:// it keeps seeing the SSL as belonging to OOOwebhost. My domain name is delamrcrp.com

Brian


#13

That’s because you don’t have SSL.
Try this tutorial,


#14

Hi
I have the same problem. My website is
Https://dhitsmayalab.000webhostapp.com. and on some universities like stanford cant access my site because of their security restrictions on some sites.

It throws this error :the connection is not secure.The certificate is not valid.

They dont want to add an exception and I try to find a global solution.

So myt question is if i buy a domain and create my own link like wwwxxxxcom

It will not use sdl certificate? And if this is the case it will be a free web with no security restrictions for the universities?

I will be grateful if you help me.

Many thanks edith


#15

Hi i think so that many universities only allow access to sites with SSL so i recommend you to grab any free or paid domain and use SSL with it


#16

If they only allow sites with ssl why 000webhostapp ssl certificate is not allow in this case?


#17

Conversation switched to PM


#18