How to enable HTTPS on your website
Serve your site over HTTPS so traffic is encrypted and browsers stop flagging it as Not Secure.
What it is
HTTPS encrypts the connection between a visitor's browser and your server using a TLS certificate. Without it, everything travels in plain text.
Why it matters
Browsers label plain-HTTP sites 'Not Secure', which kills trust and conversions. Login details, form data, and session cookies can be read or altered by anyone on the network.
How to fix it
- 1Get a TLS certificate — free from Let's Encrypt, or via your host/CDN (Cloudflare, Vercel, AWS ACM) which often provision one automatically.
- 2Install the certificate on your web server or enable the host's one-click HTTPS.
- 3Redirect all HTTP traffic to HTTPS (see the HTTP→HTTPS redirect guide).
- 4Update internal links and resources to https:// to avoid mixed-content warnings.
- 5Re-scan to confirm the certificate is valid and trusted.
Not sure if your site is affected?
Run a free scan — or let us fix it all for you.