If you have an ecommerce site it is highly important to ensure that the site’s checkout process is secure and won’t have a browser security warning.
Security Warning
A simple browser security warning can make the customers question the security of the site; thus preventing them from continuing their purchases. This will have a negative impact on your sales. It definitely does not look good for your ecommerce site to have a pop-up saying that your website is insecure. Surveys show, consumers are leery on submitting their payment information, especially when they see that terrifying popup saying that your website is containing both secured and non-secured items.
What causes these browser security warnings?
- Non-secure calls to images, js, or css
- Secure URL does not match the domain of the certificate
- Expired SSL certificate
- SSL certificate not installed properly
- Third Party SSL certificate is expired
This post will tackle mainly on the first cause which is non-secure call to images, js, or css. This is the most common cause why web browsers will display a warning about insecure contents on your secure page. You should always remember that on any secure (https) page, every html call to an image, javascript script, or css stylesheet must also be via a secure (https://…) URL. Example: <img src=”http://darlenearcenal.com/logo.png” /> must be <img src=”https://darlenearcenal.com/logo.png” />.
A client contacted me about his ecommerce site not showing the security padlock. He also told me that a customer contacted him that the site has security warnings. The sites SSL certificate in up to date, the secure url match the domain certificate and the ssl was installed properly. So, the cause why the site is showing security warnings is the non-secure calls to imags, js, and css. The site was big and I didn’t built it! Thus, it is really hard for me to trace where are the non-secure calls. Luckily, I found this site http://www.whynopadlock.com/.
http://www.whynopadlock.com/ is a simple tool that will tell you about any insecure items on your SSL page. Just type in the full https secure URL into the Secure URL box and you will get a report about:
- Insecure calls to images,css, and javascript
- Images called insecurely from linked css and js files
- Expired cert, invalid or missing intermediate certificate (including 3rd party SSL certs.)
Note: This is really helpful and it will save you a lot of time.
Tags:
https insecure items,
insecure site,
remove browser security warning,
remove security warning,
secure eccomerce site,
secure website help,
security warning,
security warning cause,
ssl,
ssl help,
ssl tool,
tool showing the insecure items on ssl page,
whynopadlock.com 