At some point, most of us have come across the error message “Your Connection is Not Private” while searching the internet and landing on unknown sites. And when you see it, you may feel a moment of panic.
Did you click on a spam link by mistake?
Has your personal data already been compromised by landing on the site?
But it’s even more concerning when you see the “Your Connection is Not Private” error on a website that you own. Your first thought is probably that your site has been hacked. Then you realize that your users are seeing the same error and will likely stop visiting your site because of it.
But what’s really causing the issue?
Let’s take a look.
What Is the “Your Connection Is Not Private” Error Message?
First, understand that there’s no reason to panic if this error appears on a site you’re browsing, or on your own WordPress site. All it means is that Chrome, or a different browser you’re using, is trying to prevent you from visiting a site that they’ve deemed to be unreliable.
This common error most likely occurred because your web browser noticed an issue while attempting to create a secure SSL connection. Or it was unable to verify the SSL certificate.
For one example, it could be happening because the certificate’s authority is illegitimate. When that happens, you’ll see this message:
Valid SSL certificates allow sites to run on HTTPS, which is the secure version of HTTP. And sites with SSL connections that are problematic aren’t deemed as reliable, because they are open to all kinds of security issues.
For example, a site with an invalid SSL certificate will make it a lot simpler for hackers with malicious intent to steal data. When personal info such as payment details or login credentials are entered into an unsecured site, they could be wide open and visible to these hackers.
But there are times when the issue of the “Your Connection is Not Private” error doesn’t stem from the site’s SSL certificate. It may be happening because of an issue on the site user’s end, such as their:
- Operating system
- WiFi network
Many people have encountered this problem while connected to unsecured public WiFi, or even because they have an incorrect time and date on their workstation. It can even happen if the user’s antivirus software is currently in the middle of an SSL/HTTPS scan.
If the issue is at the user’s end, then the error is a very easy fix. More on that later.
What Does “Your Connection is Not Private” Look Like on Different Web Browsers?
A similar error message to the “Your Connection is Not Private” will also appear on browsers other than Google Chrome.
Let’s see what they’ll look like on Safari, Opera, Firefox, and Edge.
When the SSL certificate of a site you’re visiting on Firefox isn’t valid, you’ll see a message that says: “Warning: Potential Security Risk Ahead.”
Then, within the description, the browser informs site users that it “detected a potential security threat” and says that “the issue is most likely with the website, and there is nothing you can do to resolve it.”
If you want additional details and a specific error code, you can click on Advanced. Then, by identifying the exact issue, you’ll be able to troubleshoot it more easily.
Some error codes you’ll see include:
When using Microsoft Edge, the invalid SSL certificate will direct users to a “Your connection isn’t private” page that is nearly identical to Chrome’s. On the address bar, you’ll also notice a red “Not secure” warning.
This browser also informs site users, “attackers might be trying to steal your information.”
Edge error codes look almost identical to the ones in Chrome:
- Error Code: 0
When the issue happens in Safari, you’ll get a “This Connection is Not private” warning.
It’ll inform users that “the website may be impersonating the site you wish to access to steal your personal or financial information.”
Then, Safari suggests that users head back to the previous page they were on.
The version of the error in Opera will say “Your connection is not private,” which is the same as Chrome.
It also details the particular error code that’s causing the issue under the description.
When you click “Help me understand,” the details of the issue will be revealed. And according to what Opera says, the error is being caused by “a misconfiguration or an attacker intercepting your connection.”
Error codes in Opera will be very similar to ones in the other browsers:
- SSL certificate error
How Do I Fix “Your Connection is Not Private” as a WordPress Website Owner?
If you’re a WordPress site owner and you experience this error on your own site, you first need to eliminate potential issues with your SSL certificate as the culprit.
In this section, you’ll learn the four different troubleshooting methods that will solve the dreaded error message on your WordPress site.
1. Check the Expiration Date of Your SSL Certificate
You’ll first want to check if your site’s SSL certificate has already expired, especially if you’re required to renew your certificate manually and haven’t yet done so.
For example, Let’s Encrypt’s free SSL certificates only last for 90 days, and need to be renewed after that if you want to keep them active.
To check the expiration date of your certificate on Google Chrome, here’s what you need to do:
- Navigate to the website with the “Your Connection is Not Private” error and select the padlock icon located in the URL address bar.
- Click “Connection is Secure.” This could look a little different depending on the site.
- Choose “Certificate is Valid.”
- When the new window opens, you’ll see the expiration date of the SSL certificate where it says “Valid from.”
- If your certificate is still within the period of validity, keep going with the following steps for troubleshooting. If it has already expired, that’s probably what is causing the security error to appear.
Depending on the certificate authority and your particular web host, the process of getting your SSL certificate renewed will vary slightly. But in general, it will cover the following three steps:
- Generate an SSL certificate signing request or CSR.
- Activate the certificate.
- Install it on your WordPress website.
2. Confirm That Your SSL Certificate Was Properly Issued
It’s also possible that your site’s certificate was issued well, which can cause this error. It must be issued properly to avoid problems with SSL.
For example, you could be experiencing some errors on a subdomain of your site. It’s important to understand that the certificate that was installed onto the parent domain will not cover any subdomains you’re using.
To repair this issue, you’ll need to install new SSL certificates for every domain. You can also use what’s known as a multi-domain wildcard SSL.
You’ll also want to make sure that you force SSL on every page and post for your domain and subdomain. With the iThemes Security Pro “force SSL” setting, you’ll be able to do this with only a few clicks.
Also, consider the fact that the certificate you’re using could have been issued by an organization that’s been deemed problematic. It’s important to make sure that you always get a root certificate directly from a certificate authority that is widely trusted.
To determine the organization that is the certificate issuer:
- Navigate to the website that has the issue, then click on the padlock icon by the address bar.
- Choose “Connection is secure.”
- Click on “Certificate is valid.”
- Right next to “Issued by,” you’ll see the organization’s name that issued the certificate.
3. Perform an SSL Server Test
Running an SSL server test will check an SSL certificate’s validity. It may even offer additional insights that’ll help pinpoint SSL issues and resolve them.
If you use SSL Server Test by Qualys, for example, it will analyze your site’s SSL and give it a quality score. All you need to do is enter the domain name of your site into the free tool.
It’ll take several minutes for the tool to analyze the configuration of your site’s SSL. But once it’s complete, it’ll shoot back a report with a grade. When you want to view the report summary and the detailed results of the SSL scan, all you need to do is select one of the servers.
If the grade you receive is an A, this means that it didn’t find any issues with the certificate. If it sends back another score, you’ll want to look into the issues it found and get them fixed.
As an example, this text could produce one or more of the following results:
- The certificate isn’t trusted
- The server is vulnerable to attacks
- The server only accepts cipher with older protocols
- The server only supports older versions of TLS
To repair known issues, identify what they are in the site’s full report, then follow the suggested instructions to resolve the issue. The test will even provide you with article links that will explain the errors you’ve received, and how you can resolve them.
4. Get In Touch With Your Site Host
If you’ve tried all three of the above methods and nothing solved the issue of “Your Connection is Not Private” on your WordPress site, it’s time to get in touch with your host.
This is because a problem that is specific to the host could be causing the error.
How To Fix “Your Connection is Not Private” When You’re a Site Visitor
While it’s true that a site SSL configuration error is typically the main root of “Your Connection is Not Private” errors, there are times when it may be caused by a problem on the client side.
If one of your users reports that they are receiving the error, but nobody else seems to be having the issue, there are several ways you can direct them to help them resolve it on their end.
If you’re seeing that you, or one of your users, is the only site visitor that’s experiencing the error when trying to access your site, or if you’re receiving the error on a site you don’t own that you believe should be secure, there are 11 easy ways to resolve the issue.
- Reload the webpage.
- Try the site again when you’re not on a public Wifi connection.
- Clear all of your browsing data and try reloading the page again.
- Use the incognito mode in your browser. This is a way of checking the site in a “clean” way without clearing all of your browser’s cookies and cache.
- Check your device’s time and date. Your web browser does rely on your device’s date and clock settings to check the validity of an SSL certificate. If it’s wrong, head to Settings >> Time & Language >> Date & Time and make sure it’s set to update automatically.
- Check your internet security suite or antivirus software. You may need to turn off the feature for SSL scanning.
- Disable any VPN that you’re running temporarily and see if that resolves the issue.
- Attempt to access the site via proxy.
- Restart your router and try the site again.
- Even though this may be unsafe, you can choose to manually proceed with the connection. But only do this if you’re sure the error is local only to your device.
- Completely ignore the SSL certificate error. Again, this may not be safe so proceed with caution if you choose this option.
Resolving the Problem of “Your Connection is Not Private”
The error of “Your Connection is Not Private” is mostly caused by errors with SSL certificates. But, as you’ve learned, it may also be an issue on the client side.
While it is only one of many different errors of website connectivity, finding the root of the problem and repairing it can be a bit frustrating for website owners and users alike.
In this guide, you’ve learned many of the different fixes for the error as both a site owner and site user. And we trust that you are now confident in how to proceed with fixing the dreaded error.
Each week, the team at iThemes team publishes new WordPress tutorials and resources, including the Weekly WordPress Vulnerability Report. Since 2008, iThemes has been dedicated to helping you build, maintain, and secure WordPress sites for yourself or for clients. Our mission? Make People’s Lives Awesome.