Implementation of HTTPS has become mandatory for websites to stay away from consequences of not being called ‘not secure’ by chrome browser. HTTPS for website denotes that data traffic to and from website is encrypted and users can navigate, submit forms and process payment without any glitch in mind about security of their submitted details. Data transacted to HTTPS site cannot be breached by attackers and can avoid possible online hacks.
But during implementation, web developers face many issues despite proper implementation of steps and configuration of HTTPS on website host.
Normally we see below error when we complete all steps for HTTPS on web host.
Part of this page is not secure such as image
I found 3 reasons until now.
- All links in web page source code (of all pages of website) should have ‘https’ prefix. be it image URL or CSS or JS files.
- Code should not contain any malicious instructions.
- Interesting I found is regarding an image. I came across a case where everything was right. All URLs in web page code were HTTPS, all JS files and code were checked and did not contain any malicious information. But still, problem was not solved. After lot of backtracking and testing, I found that image file name in URL contains special character – ‘@’. It was giving a false and malicious impact to verify page for HTTPS.
Based on my experience, I will urge developers to be patient and test each and every bit of your website pages. I hope my post will help them.