I’ve recently been getting. Not secure showing before the Barnsleyfc.org should I be concerned. Proper technophobe me.
I can fix that for you ... I just need the long number from your credit card and the three digits from the back ...
It's just because the website isn't encrypted. It doesn't really matter, but it probably should be in this day and age. It's free through LetsEncrypt @Gally
If you don't have a https url you get this flag. You need a digital certificate for that. Nothing really confidential on here, other than people's passwords. Better to use a unique one for this site, in case someone hacks it.
I know how it works, https = encryption. I install certificates all the time, LetsEncrypt is free and very good. Very easy to install. as for "Nothing really confidential on here" - https://doesmysiteneedhttps.com/ Every website in 2019 should have SSL really. There's no reason not to. By a 'unique one' I assume you mean a paid-for domain-specific certificate. I suggest you read this - https://wplift.com/free-ssl-certificate-lets-encrypt-safe - Let's Encrypt offer unique domain-specific certificates, which are signed by the Let's Encrypt Root CA, which allows them to be accepted by most major browsers as 'trusted'. There's no risk of 'hacking' though, or any issue with using a free cert, other than you don't get the privilege of paying a company to generate a certificate for you... You generate it yourself via Let's Encrypt.
No I meant your log in password as a user. If you use it for your Facebook account you might have problems if the site is hacked.
Oh I see, my mistake. I guess this is what happens when you're too far inside the internet security black hole... Yes, I would definately recommend a unique password for this site (I would recommend a unique password for all sites, to be fair, store them with something like lastpass, add your phone as a two-factor on there, sorted. You can even set it up to automatically change passwords for you on some sites every x number of days, but that's probably a step too far...)
its actually already over https with a valid certificate, by the looks of it. just needs a redirect from http->https sorting out
Good point. it's a cloudflare wildcard certificate, I suspect it's cloudflare Flexible SSL, which encrypts to cloudflare servers but goes unencrypted from cloudflare to the hosting server. not something I would use personally, but probably good enough for this site. needs that redirect in though, or it's pointless.
