How To Fix Not Secure Warning: Google Chrome SSL Requirements for 2017

Beginning in January 2017 (Chrome 56), Chrome marks non-secure pages containing password and credit card input fields as Not Secure in the URL bar.
This page includes a password or credit card input in a non-secure context. A warning has been added to the URL bar.

Resolve warnings

To ensure that the Not Secure warning is not displayed for your pages, you must ensure that all forms containing <input type=password> elements and any inputs detected as credit card fields are present only on secure origins. This means that the top-level page must be HTTPS and, if the input is in an iframe, that iframe must also be served over HTTPS.

If your site overlays an HTTPS login frame over HTTP pages, you will need to change the site to either use HTTPS for the entire site (ideal) or redirect the browser window to an HTTPS page containing the login form.

Eventually, Chrome will show a Not Secure warning for all pages served over HTTP, regardless of whether or not the page contains sensitive input fields. Even if you adopt one of the more targeted resolutions above, you should plan to migrate your site to use HTTPS for all pages.

Comments

Popular Posts