The message “This site is not secure” mainly appears when a valid SSL certificate is missing or there are errors in the secure connection. The most effective and permanent way to fix this is to install a free SSL certificate (such as those included by Neolo in all plans), which converts your site to HTTPS and removes that warning forever.
Have you ever tried to access your own website and suddenly had your browser block you with the message “This site is not secure”?
It’s frustrating, especially if it’s your site and you know there’s nothing wrong with it. Don’t worry, it happens to thousands of people every day and there’s almost always a quick and free solution.
What exactly does “This site is not secure” mean?
This warning is mainly displayed by Microsoft Edge (and sometimes other browsers) when it detects that the connection between the visitor and the website is not properly protected.
Basically, the browser is saying, “I don’t trust this site because it doesn’t have a valid SSL certificate or there’s something weird about the encryption.”
It does not mean that your site has a virus or has been hacked (although sometimes it can be a sign of something more serious).
Most common causes of the error
- Your site still uses HTTP instead of HTTPS (SSL certificate is completely missing).
- The SSL certificate has expired, been revoked, or is misconfigured.
- Mixed content: the page loads images, scripts, or resources via HTTP within an HTTPS page.
- Temporary browser issues (cache, unsynchronized system time, conflicting extension).
- Self-signed certificate or certificate from an authority not recognized by the browser.
How to fix “This site is not secure” step by step
1. The definitive solution: install a valid SSL certificate
This is the option that eliminates the problem at its root and also improves your Google ranking.
At Neolo, all hosting plans include a Let’s Encrypt SSL certificate completely free of charge and with automatic renewal.
All you have to do is:
- Log in to your control panel (cPanel or cPanel depending on your plan).
- Look for the “SSL/TLS” or “Free SSL Certificate” option.
- Click on ‘Activate’ or “Install.” It takes less than 2 minutes and renews itself every 90 days.
Once installed, force the redirection from HTTP to HTTPS (Neolo does this automatically in most cases).
2. If you already have SSL but the error still appears
- Renew the certificate (if it is Let’s Encrypt, just reinstall it).
- Clear your browser cache and cookies (Ctrl + Shift + R in most cases).
- Check for mixed content: open Developer Tools (F12) → Console tab and look for “mixed content” warnings. Change those URLs to HTTPS or // (relative protocol).
- Check the date and time on your computer/device: if it is set incorrectly, the certificates will appear to have expired.
3. Quick solutions from the visitor’s side (useful for your users)
If you are a visitor and want to enter no matter what (only do this if you trust the site):
- In Edge, click on “Advanced details” → “Continue to website (unsafe)”.
- Or type in the bar:
thisisunsafe(yes, exactly that word, it’s a Chromium “easter egg” that very few people know about).
Little-known tips you won’t see on most blogs
- If you use Cloudflare, temporarily enable “Flexible” mode while you fix the certificate at the source → remove the warning instantly without touching your hosting.
- In WordPress, the “Really Simple SSL” plugin automatically detects and corrects mixed content and enforces HTTPS with a single click (and it’s 100% free).
- If you have multiple domains/subdomains, install a Wildcard or SAN certificate. At Neolo, you can request one for free if you are a long-standing customer.
- The error can also appear due to HSTS preload: if your domain is on Google’s HSTS list and you removed SSL, the browser will permanently block it until you remove it from the list (which takes months). Avoid this by never removing SSL once it is installed.
- Use SSL Labs’ online SSL Checker tool (ssllabs.com/ssltest) to diagnose exactly what is wrong with your certificate. It is free and extremely detailed.
Conclusion
Fixing the “This site is not secure” message is much easier than it seems: in 90% of cases, all you need to do is install or renew the SSL certificate.
By doing so, you not only remove the intimidating warning that scares away your visitors, but you also protect your users’ data and improve your SEO.
At Neolo, we have been helping thousands of people keep their sites secure for over 20 years, without complications or extra costs.
Is your site still displaying the message, or do you have questions about installing SSL?
Write to us via chat or ticket, and we will resolve it in minutes at no cost if you are our customer. We are available 24/7 to help you!
Frequently asked questions (FAQs) about how to fix “This site is not secure”
Is Neolo’s SSL certificate really free forever?
Yes, 100% free and automatically renewed every 90 days as long as you have your hosting active with us. There are no tricks or fine print.
How long does it take for the “This site is not secure” message to disappear after installing SSL?
Normally between 5 and 30 minutes. Sometimes you have to wait a little longer (up to 2-3 hours) because browsers and Google take time to update the information.
My site is only informational and has no forms. Do I still need SSL?
Yes. Since 2018, Google marks ALL sites without HTTPS as “not secure,” whether they have forms or not. You also lose ranking, and many visitors get scared and leave.
What happens if my certificate expires and I don’t realize it?
With the Let’s Encrypt certificate from Neolo, that doesn’t happen: it renews itself.
But if you use another type of certificate, the message will reappear on the day it expires.
I use WordPress and have already installed SSL, but I still see the crossed-out padlock. What should I do?
Install the free “Really Simple SSL” or “SSL Insecure Content Fixer” plugin in one click. They automatically detect and fix mixed content, which is usually the culprit.
Could the problem be with my computer or cell phone and not the site?
Yes, sometimes. Try logging in from another device or network (mobile data). If you can log in normally from another device, just clear your cache and cookies or reset the date/time on your device.