My domain is: https://www.ohioemsnews.com
My hosting provider, if applicable, is: JustHost
When I go to my website it says my site is not fully secure. When I log into the admin area is says it is secure. What am I doing wrong?
It will only let me add 1 screenshot for help sorry
Hi @fmwebs
there are some errors ( https://check-your-website.server-daten.de/?q=ohioemsnews.com ):
Your standard urls:
| Domainname | Http-Status | redirect | Sec. | G |
|---|---|---|---|---|
| • http://ohioemsnews.com/ | ||||
| 108.167.160.249 | 301 | http://www.ohioemsnews.com/ | 0.260 | D |
| • http://www.ohioemsnews.com/ | ||||
| 108.167.160.249 | 200 | 0.507 | H | |
| • https://ohioemsnews.com/ | ||||
| 108.167.160.249 | 301 | http://www.ohioemsnews.com/ | 1.510 | F |
| • https://www.ohioemsnews.com/ | ||||
| 108.167.160.249 | 200 | 1.557 | I | |
http + www isn't redirected to https, so that version isn't secure. https + non-www is redirected to http + www, that's bad - never redirect https to http.
And you have some content errors. Sample:
| form | get | http://www.ohioemsnews.com | 2 | mixed | |||
|---|---|---|---|---|---|---|---|
| img | src | http://www.ohioemsnews.com/wp-content/uploads/2015/01/cropped-header-trans.png | 1 | mixed | |||
| img | src | http://www.ohioemsnews.com/wp-content/uploads/2015/01/ohio-ems-news-150x150.png | 1 | mixed |
And a lot of scripts (check the complete list), which are http links (not https). So your site doesn't work as expected. And the browser shows warnings.
thank you for your help. I found a WordPress plugin that fixed everything. you guys are great! keep up the great work and Let’s Encrypt the world!
you still have some serios issues.
look at the report from @JuergenAuer and make sure to fix the issues.
Ah, thanks - there is a new check of your domain, perhaps @Nexo1960 has checked your domain.
The http script links are fixed, that's good.
One script is missing, that's the last Grade I:
script
src
https://www.ohioemsnews.com/wp-content/themes/news-mix-light/js/jquery.caroufredsel-6.0.4-packed.js
404
Not Found
1
missing file
Result should be a H, the http + www version doesn't redirect to https. So if a user selects that version, the user isn't secure.
Are you using WordPress?
No, I don't use Wordpress (20 characters 
)
Yes I am using wordpress
Download the plugin “Really simple ssl” and activate it. Then at the top is will ask to start it and that is it. The plugin has a yellow lock as icon.
I did , but the padlock appears then "not secure " appears a few minutes later, this only started after importing a demo for a theme
Just checking the basics…Did you change the URL to https:// in the WordPress settings?
I assumed it did that automatically since that’s how it appears in the url bar, but let me try editing that
It is indeed https:// , is the problem the theme demo?
try changing themes and see if it corrects itself
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.