WordPress site shown as Not Secure on Chrome when SSL certificate is valid


Our client’s WordPress site is shown as Not Secure on Chrome. This is when the SSL certificate is valid according to Chrome itself.

When I go to the SSL settings in WordPress, I notice the following configuration:
enter image description here

The warning message says that the HTTP Strict Transport Security is not activated and one should get Premium to activate.

The second warning message says that the secure cookie settings are not activated and we should go Premium for that, too.

How should one normally troubleshoot this?


It appears that the json file to a Vimeo link on the homepage is causing a Mixed Content error when I inspect the code. Here is the error message:

Mixed Content: The page at ‘https://www.MYWEBSITENAME.se/‘ was loaded over
HTTPS, but requested an insecure XMLHttpRequest endpoint
http://vimeo.com/api/v2/video/332613091.json‘. This request has been
blocked; the content must be served over HTTPS. (anonymous) @ VM14:1

disasterkid 4 years 2020-03-04T07:51:16-05:00 0 Answers 61 views 0

Leave an answer