Red Bridge CyberRed Bridge Cyber
Customer Login
What We CheckHow It WorksPricingResearchAboutBlogCustomer Login

What does "Not Secure" in the browser address bar mean?

“Not Secure” in the browser address bar means the page is being served over plain HTTP rather than HTTPS, so anything typed into it — a contact form, a login, a payment field — travels unencrypted and can be read or altered in transit. It is the browser warning the visitor, not a sign your site has been hacked. The cause is almost always one of two things:

  • No certificate — the site has no SSL/TLS certificate at all, or
  • No redirect — it has one but is not redirecting visitors from the HTTP version to the HTTPS version.
  • The fix is usually free — most hosts and Cloudflare issue certificates at no cost and offer a one-click “always use HTTPS” redirect.

Only 38% of Australian small business sites enforce HTTPS*, so on most sites a share of visitors can still land on the insecure version even when a certificate exists. “Not Secure” costs you customer trust at the worst possible moment — just as they are about to type something in.