You finally released the website for your business, only to be met with this error: “Your connection to this site is not fully secure.“ More often than not, this typically occurs when a “secure” page is calling one or more resource files (i.e. CSS files, Javascript files, or some other type of external content) from an insecure URL.
In most cases, the problem resource is being called from a URL that begins with http: instead of https:. Every resource call on a secure web page must be called from a secure https: URL or you won’t get the padlock in the address bar and the browser will flag the page as being insecure. Just one insecure resource call will result in the entire page being marked as insecure. This situation is referred to as a “Mixed Content” issue and the exact cause(s) of this issue can be very difficult to track down and fix without a little help.
Using “Why No Padlock?” is easy. Simply follow the steps below:
Visit https://www.whynopadlock.com with your preferred web browser.
Type (or copy and paste) your blog’s URL into the “Secure Address” box.
Check the box to prove that you’re a human instead of a robot.
Click the Test Page button.
The tool will now run a test on your page to track down and identify any insecure resource calls or other types of issues that could be causing the page to fail the security test. After the test is complete (which could take anywhere from several seconds to several minutes) you’ll see a list of all the issues that were found printed on the screen.