Is Chrome marking your site as Not Secure?
Since October 2017, the Google Chrome browser has shown a "Not Secure" warning on:
- non-HTTPS pages that allow visitor to enter any data
(contact forms, login, search bar, etc.)
- any non-HTTPS page visited in Incognito Mode
- non-HTTPS pages that have password fields
- non-HTTPS pages with credit card fields
So you are guaranteed to have at least some (if not all) pages in your WordPress site marked "Not Secure".
What is HTTPS?
HTTPS is the secure version of HTTP. The website and the browser's communication are encrypted through the use of a secured socket layer (or SSL). This helps to keep any communication between your visitor and the website safe from hackers and other bad guys.
How does not having HTTPS affect my site?
Should I move my site to HTTPS?
If you are serious about your website and your business, then YES. It's a new world out there and Google has implemented policies that make the web more secure. This is a good thing...
HTTPS makes your website more secure, earns your visitors’ trust, and can help your site ranking, performance, and traffic.
 Obtain an SSL Certificate
An SSL certificate encrypts whatever communication happens between your website visitor and your website.
Instead of purchasing an SSL Certificate you can get one free from Let's Encrypt. Let’s Encrypt is a nonprofit with a mission to create a more secure web by promoting the widespread adoption of HTTPS.
The easiest way to obtain the Let’s Encrypt certificate is by asking your host. If your host offers Let’s Encrypt support they can request a free certificate, install it, and renew it automatically every 3 months.
Check the list of hosts. On the list? Great! Contact your host to install the Let's Encrypt certificate.
Otherwise, you can obtain a Let’s Encrypt SSL certificate from ZeroSSL.com.
 Enable WordPress to work with HTTPS
Install the Really Simple SSL plugin from the WordPress repository and enable it. If you have the security certificate properly installed it will start serving up the website the secure connection HTTPS.
The plugin handles most issues that WordPress has with SSL. All incoming requests are redirected to https and the site url and home url are changed to https.
***Don't forget to update the Webmaster Tools and Google Analytics to the new HTTPS:// Here's help...***