Chrome says your site is 'Not secure' — the free HTTPS fix
If your site still loads over plain http://, browsers print "Not secure" right next to your name. Customers do not know what it means technically; they know it sounds like a reason to leave.
Why it costs you customers
It is a trust tax on every single visitor, and it is charged before they read a word of your content.
Google both prefers HTTPS in rankings and increasingly walls off browser features from insecure pages. Forms on http pages ("contact us") also warn users their message may be readable in transit — deadly for enquiries.
Check it in 30 seconds
Look at the address bar on your own site: padlock (or no warning) = fine; "Not secure" = this guide is for you.
Our free check also verifies whether http:// quietly redirects to https://.
How to fix it
Since Let's Encrypt, nobody should pay for a basic certificate. Most hosts (including cPanel hosts common in Australia) have a one-click free SSL switch — search your host's help for 'free SSL'.
After the certificate works, force http → https (hosts call this "always use HTTPS"). Otherwise half your visitors still land on the insecure version.
That is a sign worth acting on: hosts that charge for certificates in 2026 are usually overcharging elsewhere too. Moving a small site to modern hosting is a small job.
After switching, run the free check again and look at the mixed-content result: old sites often keep loading images over http://, which browsers then block — the padlock appears, but photos silently vanish. Fixing both together is the complete job.