Your connection to this site is not fully secure - Issue

Hello,
For some reason, while I’m using chrome, my site is not fully secure.
Everything work fine and I do not understand why on chrome is not fully secure but on
Explorer it is.

How can I fix it ?
Thanks for your help.

Anybody ?

Please help me, I can’t fix it.

noki, we can’t help you if we don’t know which site it is! you need to tell us which domain and also which netlify site name. thanks.

Hey,
my site is - https://www.we-help.co.il
netlify site - (https://we-help.netlify.app/

  • It is not working on Chrome.

Thank you!

hi there did you setup an SSL certificate already for this domain?

Yes, everything seems to work just fine but it is stiil dont work with Chrome

Hiya!

Not a ton of context to go off here but based on a very brief look, my browser console tells me that your page isn’t considered “fully secure” because your form’s action posts to FormSpree over HTTP instead of HTTPS, which is a breach in security to some degree because when a page is loaded over HTTPS, everything about that page should operate on HTTPS

<form action="http://formspree.io/israelwehelp@gmail.com" method="POST">
                  ^

Just change your action url to post to https://formspree.io/israelwehelp@gmail.com instead of the http:// version and you should be fine. Formspree redirects http POST’s to https anyway so there’s no reason not to do this.

Cheers! :grin:


Jon

1 Like

You might be seeing a local browser caching issue. It loads fine in Chrome for me (macOS) with HTTPS.

1 Like

my site is not fully secure.
Everything work fine and I do not understand why on chrome is not fully secure but on
Explorer it is.

I think Noki’s issue is that the site isn’t “fully” secure in the sense of getting the browser lock-icon, not that the site itself doesn’t load over HTTPS :slightly_smiling_face:

1 Like

super helpful, @jonsully! thanks.

1 Like

He should have received a warning after build about mixed content, then, right?

So, first of all, you’re serving all linked resources over HTTPS so that’s great! Besides this, have you tried the basics such as clearing your cache?

If this is still a problem, can you share a picture of the error that you’re seeing?

Thank you so much!!!

Hi Everyone !!!

Looks like i’ve a problem like that

Some people have already access to my website, without any problems… From USA or France.

But sometimes it show : Site insecure
Or sometimes it goes directly to the domain manager (1&1), but i’ve check with them everything works fine…

I need urgently some help :sob:,

The site is :

Https://mayyan.org

Thank you!

Other than the fact that you seem to be using CNAME flattening, your setup looks OK, and your SSL certificates seem to be in place. HTTP requests seem to be forwarding to HTTPS. Is this only happening to you, or to others as well? If only you, it might be a local caching issue.

I think we handle the issues with changing DNS on domain (A), but not sure, can you check from your side ?

What is the issues on using CNAME flattening ? :blush:

image002.jpg

CNAME flattening is something that some registrars offer where you can enter the A record for your domain for both the apex domain and www subdomain. Thusly:

|====================== dig A record(s) for =====================
| ------------------------- mayyan.org -------------------------
| ------------ Netlify's old load balancer: 104.198.14.52 -----------
| -------------- Netlify's new load balancer: 75.2.60.5 -------------
104.198.14.52
Organization:   Google LLC (GOOGL-2)

| ----------------------- www.mayyan.org -----------------------
104.198.14.52
Organization:   Google LLC (GOOGL-2)

See the documentation here:
https://docs.netlify.com/domains-https/custom-domains/configure-external-dns/
|================================================================

Without CNAME flattening, you would have the A record for your apex domain only, and have a CNAME record pointing at your Netlify subdomain, which you do not have.

The Netlify docs say this is OK, but I have a problem with it because CNAME flattening isn’t in the DNS spec so it is a “fictitious” entry. Because of the way that Netlify allows DNS setup using the load balancer IP for the A record and the Netlify subdomain for a CNAME record, it seems unnecessary to me.

yup i faced the same, shutting down localhost and clearing browser cache solved the issue